12 matches found
Comet System Multiple Products Access Control Error Vulnerability
Comet System T0510 and others are temperature sensors from Comet System. An access control error vulnerability exists in various Comet System products, which stems from a lack of authentication in the file /setupA.cfg. The following products and versions are affected: T0510, T3510, T3511, T4511,...
Wiesemann & Theis Com-Server Cryptographic Issue Vulnerability
Wiesemann & Theis Com-Server is a communication server for industrial automation from Wiesemann & Theis that provides connectivity between serial devices and Ethernet. A cryptographic issue vulnerability exists in Wiesemann & Theis Com-Server versions prior to 1.60 that stems from the use of...
CVE-2024-11587 idcCMS classProvCity.php GetCityOptionJs cross site scripting
A vulnerability was found in idcCMS 1.60. It has been classified as problematic. This affects the function GetCityOptionJs of the file /inc/classProvCity.php. The manipulation of the argument idName leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has bee...
PT-2024-17119 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idcCMS version 1.60 Description: A problematic issue was found in idcCMS, affecting the GetCityOptionJs function of the file /inc/classProvCity.php. The manipulation of the idName argument leads to cross-site scripting. This issue can be...
Incorrect authorization vulnerability in OMRON Sysmac Studio
Overview: Sysmac Studio provided by OMRON Corporation contains an incorrect authorization vulnerability (CWE-863, CVE-2024-49501). OMRON Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC coordinated with OMRON Corporation for the JVN advisory...
CVE-2023-33829
A stored cross-site scripting (XSS) vulnerability in Cloudogu GmbH SCM Manager v1.2 to v1.60 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description text field...
WordPress Gallery from files plugin <= 1.60 - Unauthenticated Remote Code Execution (RCE) vulnerability
Unauthenticated Remote Code Execution (RCE) vulnerability discovered by WPScanTeam in WordPress Gallery from files plugin versions <= 1.60. Solution: This plugin has been closed as of May 24, 2021 and is not available for download. This closure is temporary, pending a full review...
OPENSUSE-SU-2020:0607-1 Security update for bouncycastle
This update for bouncycastle fixes the following issues: Version update to 1.60: CVE-2018-1000613: Use of Externally-Controlled Input to Select Classes or Code boo1100694 Release notes: http://www.bouncycastle.org/releasenotes.html Version update to 1.59: CVE-2017-13098: Fix against Bleichenbacher...
CVE-2018-1000180
Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fixed in versions BC 1.60 bet...
Webmin show.cgi Open Function Call Command Execution
Added: 11/26/2012. CVE: CVE-2012-2982. BID: 55446. OSVDB: 85248. Background: Webmin is a web-based interface for system administration of Unix systems. The Webmin web server listens by default on port 10000/tcp. Problem: Webmin 1.59 and earlier are vulnerable to remote code execution as a result of...
ewire Payment Client 1.601.70 - Command Execution
ewire Payment Client 1.601.70 - Command Execution source: https://www.securityfocus.com/bid/25683/info ewire Payment Client is prone to a vulnerability that allows attackers to execute arbitrary shell commands because the software fails to sanitize user-supplied input. An attacker may leverage th...
Detectoid for AzureConnectMachineAgent 1.60 - January 2026 Update