10 matches found
EUVD-2022-29033
Malicious code in bioql PyPI...
CVE-2022-24121
SQL Injection vulnerability discovered in Unified Office Total Connect Now that would allow an attacker to extract sensitive information through a cookie parameter...
CVE-2022-24121
SQL Injection vulnerability discovered in Unified Office Total Connect Now that would allow an attacker to extract sensitive information through a cookie parameter...
Sql injection
SQL Injection vulnerability discovered in Unified Office Total Connect Now that would allow an attacker to extract sensitive information through a cookie parameter...
CVE-2022-24121
Unified Office Total Connect Now suffers a cookie-parameter SQL Injection (cookie parameters such as authtoken/PHPSESSID) that can disclose sensitive data. Root cause cited as CWE-565: reliance on cookies without validation/integrity checking. Public sources (CORE advisory) detail vulnerable depl...
CVE-2022-24121
SQL Injection vulnerability discovered in Unified Office Total Connect Now that would allow an attacker to extract sensitive information through a cookie parameter...
Unified Office Total Connect Now SQL注入漏洞
Unified Office Total Connect Now is a VoIp solution for small and medium-sized businesses from Unified Office USA. A security vulnerability exists in Unified Office Total Connect Now that stems from a database-based application that lacks validation of externally entered SQL statements. An attack...
Unified Office Total Connect Now℠ Cookie Parameter SQL Injection
1. Advisory Information Title: Unified Office Total Connect Now℠ Cookie Parameter SQL Injection Advisory ID: CORE-2022-0001 Advisory URL:https://www.coresecurity.com/core-labs/advisories/unified-office-total-connect-sql-injection Date published: 2022-02-01 Date of last update: 2022-02-01 Vendors...
Unified Office Total Connect Now 1.0 SQL Injection
Exploit Title: Unified Office Total Connect Now 1.0 – 'data' SQL Injection Shodan Filter: http.title:"TCN User Dashboard" Date: 06-16-2021 Exploit Author: Ajaikumar Nadar Vendor Homepage: https://unifiedoffice.com/ Software Link: https://unifiedoffice.com/voip-business-solutions/ Version: 1.0...
Unified Office Total Connect Now 1.0 - 'data' SQL Injection
Exploit Title: Unified Office Total Connect Now 1.0 – 'data' SQL Injection Shodan Filter: http.title:"TCN User Dashboard" Date: 06-16-2021 Exploit Author: Ajaikumar Nadar Vendor Homepage: https://unifiedoffice.com/ Software Link: https://unifiedoffice.com/voip-business-solutions/ Version: 1.0...