21 matches found
EUVD-2021-19650
Malware in sbrugna...
EUVD-2021-19648
Malware in sbrugna...
CVE-2021-32927
An attacker may be able to inject client-side JavaScript code on multiple instances within all versions of Uffizio GPS Tracker...
CVE-2021-32929
All versions of Uffizio GPS Tracker may allow an attacker to perform unintended actions on behalf of a user...
CVE-2020-17485
A Remote Code Execution vulnerability exist in Uffizio's GPS Tracker all versions. The web server can be compromised by uploading and executing a web/reverse shell. An attacker could then run commands, browse system files, and browse local resources...
CVE-2020-17483
An improper access control vulnerability exists in Uffizio's GPS Tracker all versions that lead to sensitive information disclosure of all the connected devices. By visiting the vulnerable host at port 9000, we see it responds with a JSON body that has all the details about the devices which have...
Improper access control
An improper access control vulnerability exists in Uffizio's GPS Tracker all versions that lead to sensitive information disclosure of all the connected devices. By visiting the vulnerable host at port 9000, we see it responds with a JSON body that has all the details about the devices which have...
Open redirect
An Open Redirection vulnerability exists in Uffizio's GPS Tracker all versions allows an attacker to construct a URL within the application that causes a redirection to an arbitrary external domain...
CVE-2020-17483
An improper access control vulnerability exists in Uffizio's GPS Tracker all versions that lead to sensitive information disclosure of all the connected devices. By visiting the vulnerable host at port 9000, we see it responds with a JSON body that has all the details about the devices which have...
CVE-2020-17484
CVE-2020-17484 : Uffizio’s GPS Tracker (all versions) has an Open Redirect vulnerability. An attacker can craft a URL within the application to redirect victims to an arbitrary external domain due to insufficient input/URL validation. Impact is described as redirecting to an external site; exploi...
PT-2023-11481 · Uffizio · Uffizio'S Gps Tracker
Name of the Vulnerable Software and Affected Versions: Uffizio's GPS Tracker all versions Description: An improper access control issue exists, leading to sensitive information disclosure of connected devices. Visiting the vulnerable host at port 9000 returns a JSON body with details about deploy...
CVE-2021-32929
All versions of Uffizio GPS Tracker may allow an attacker to perform unintended actions on behalf of a user...
CVE-2021-32927
An attacker may be able to inject client-side JavaScript code on multiple instances within all versions of Uffizio GPS Tracker...
Code injection
All versions of Uffizio GPS Tracker may allow an attacker to perform unintended actions on behalf of a user...
CVE-2021-32927
CVE-2021-32927 affects all versions of Uffizio GPS Tracker and is described as a Cross-Site Scripting vulnerability (CWE-79) caused by improper neutralization of input during web page generation. The issue enables an attacker to inject client-side JavaScript into multiple instances, potentially e...
CVE-2021-32927 Uffizio GPS Tracker Cross-site Scripting
An attacker may be able to inject client-side JavaScript code on multiple instances within all versions of Uffizio GPS Tracker...
CVE-2021-32927 Uffizio GPS Tracker Cross-site Scripting
An attacker may be able to inject client-side JavaScript code on multiple instances within all versions of Uffizio GPS Tracker...
CVE-2021-32929 Uffizio GPS Tracker Cross-site Request Forgery
All versions of Uffizio GPS Tracker may allow an attacker to perform unintended actions on behalf of a user...
CVE-2021-32929 Uffizio GPS Tracker Cross-site Request Forgery
All versions of Uffizio GPS Tracker may allow an attacker to perform unintended actions on behalf of a user...
Uffizio GPS Tracker 跨站脚本漏洞
Uffizio Gps Tracker is a Gps tracker from Uffizio India. Uffizio GPS Tracker suffers from a cross-site scripting vulnerability that can be exploited by an attacker to gain access to the host computer to view sensitive information, obtain code execution, cause a redirect to an arbitrary external...