Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Cvelist
Cvelistadded 2022/09/28 1:45 p.m.12 views

CVE-2022-28816 Reflected XSS in Carlo Gavazzi UWP 3.0

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 the Sentilo Proxy is prone to reflected XSS which only affects the Sentilo service...

6.1CVSS6.2AI score0.00208EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2022/09/28 1:45 p.m.5 views

CVE-2022-28816 Reflected XSS in Carlo Gavazzi UWP 3.0

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 the Sentilo Proxy is prone to reflected XSS which only affects the Sentilo service...

6.1CVSS6AI score0.00208EPSS
Exploits0References1
Cvelist
Cvelistadded 2022/09/28 1:45 p.m.15 views

CVE-2022-28815 SQL-Injection in Carlo Gavazzi UWP 3.0 Sentilo Proxy

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 the Sentilo Proxy server was discovered to contain a SQL injection vulnerability allowing an attacker to query other tables of the Sentilo service...

2.7CVSS5AI score0.00202EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2022/09/28 1:45 p.m.5 views

CVE-2022-28814 Path traversal in Carlo Gavazzi UWP 3.0 could lead to full device access

Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 was discovered to be vulnerable to a relative path traversal vulnerability which enables remote attackers to read arbitrary files and gain full control of the device...

9.8CVSS9.6AI score0.01172EPSS
Exploits0References1
Cvelist
Cvelistadded 2022/09/28 1:45 p.m.18 views

CVE-2022-22524 SQL-injection in Carlo Gavazzi UWP 3.0 allows for full database access

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 an unauthenticated remote attacker could utilize a SQL-Injection vulnerability to gain full database access, modify users and stop services...

9.4CVSS9.6AI score0.01276EPSS
Exploits0References1
Cvelist
Cvelistadded 2022/09/28 1:45 p.m.12 views

CVE-2022-22523 Carlo Gavazzi UWP 3.0 WebApp allows for authentication bypass

An improper authentication vulnerability exists in the Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 Web-App which allows an authentication bypass to the context of an unauthorised user if free-access is disabled...

7.5CVSS7.9AI score0.00229EPSS
Exploits0References1
CNNVD
CNNVDadded 2022/09/28 12:0 a.m.3 views

Carlo Gavazzi UWP 路径遍历漏洞

Carlo Gavazzi UWP is a monitoring and control Universal Web Platform from Carlo Gavazzi. It is used for applications such as building automation, energy efficiency performance management and parking lot guidance. A path traversal vulnerability exists in Carlo Gavazzi UWP 3.0, which can be exploit...

9.8CVSS8.6AI score0.01172EPSS
Exploits0References2
Rows per page
Query Builder