19 matches found
EUVD-2023-52777
Malicious code in bioql PyPI...
CVE-2024-1040
Gessler GmbH WEB-MASTER user account is stored using a weak hashing algorithm. The attacker can restore the passwords by breaking the hashes stored on the device...
CVE-2023-48744
Cross-Site Request Forgery (CSRF) vulnerability in Offshore Web Master Availability Calendar allows Cross Site Request Forgery. This issue affects Availability Calendar: from n/a through 1.2.6...
CVE-2024-1039
Gessler GmbH WEB-MASTER has a restoration account that uses weak hard coded credentials and if exploited could allow an attacker control over the web management of the device...
CVE-2024-1039
Gessler GmbH WEB-MASTER has a restoration account that uses weak hard coded credentials and if exploited could allow an attacker control over the web management of the device...
CVE-2024-1040
Gessler GmbH WEB-MASTER user account is stored using a weak hashing algorithm. The attacker can restore the passwords by breaking the hashes stored on the device...
Hardcoded credentials
Gessler GmbH WEB-MASTER has a restoration account that uses weak hard coded credentials and if exploited could allow an attacker control over the web management of the device...
CVE-2024-1039 Use of Hard-coded Credentials in Gessler GmbH WEB-MASTER
Gessler GmbH WEB-MASTER has a restoration account that uses weak hard coded credentials and if exploited could allow an attacker control over the web management of the device...
CVE-2024-1039
CVE-2024-1039 – Gessler GmbH WEB-MASTER is a vulnerability in the WEB-MASTER emergency lighting management system (affected version: 7.9) caused by a restoration account that uses weak, hard-coded credentials. An attacker could remotely take control of the device’s web management (CVSS v3.1 base ...
Gessler GmbH WEB-MASTER
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable Remotely/Low attack complexity Vendor: Gessler GmbH Equipment: WEB-MASTER Vulnerabilities: Use of Weak Credentials, Use of Weak Hash 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a user to take...
PT-2024-16239 · Gessler Gmbh · Web-Master
Name of the Vulnerable Software and Affected Versions: Gessler GmbH WEB-MASTER affected versions not specified Description: The issue concerns a restoration account in Gessler GmbH WEB-MASTER that utilizes weak, hard-coded credentials. If exploited, this could grant an attacker control over the...
Gessler GmbH WEB-MASTER Authorization Issue Vulnerability
Gessler GmbH WEB-MASTER is an emergency lighting management system from Gessler GmbH, Germany. A security vulnerability exists in Gessler GmbH WEB-MASTER version 7.9, which stems from the use of weakly hard-coded credentials to recover accounts, and which could be exploited by an attacker to take...
PT-2024-16246 · Gessler Gmbh · Web-Master
Name of the Vulnerable Software and Affected Versions: Gessler GmbH WEB-MASTER affected versions not specified Description: The issue concerns the use of a weak hashing algorithm for storing user account passwords. An attacker can potentially restore passwords by breaking the hashes stored on the...
Gessler GmbH WEB-MASTER Encryption Problem Vulnerability
Gessler GmbH WEB-MASTER is an emergency lighting management system from Gessler GmbH, Germany. A security vulnerability exists in Gessler GmbH WEB-MASTER version 7.9, which stems from the use of a weak hash algorithm for storing user accounts, and allows an attacker to recover passwords by...
CVE-2023-48744
Cross-Site Request Forgery (CSRF) vulnerability in Offshore Web Master Availability Calendar allows Cross Site Request Forgery. This issue affects Availability Calendar: from n/a through 1.2.6...
CVE-2023-48744
Cross-Site Request Forgery (CSRF) vulnerability in Offshore Web Master Availability Calendar allows Cross Site Request Forgery. This issue affects Availability Calendar: from n/a through 1.2.6...
Cross site request forgery (csrf)
Cross-Site Request Forgery (CSRF) vulnerability in Offshore Web Master Availability Calendar allows Cross Site Request Forgery. This issue affects Availability Calendar: from n/a through 1.2.6...
CVE-2023-48744
CVE-2023-48744 is a CSRF vulnerability in the WordPress plugin Availability Calendar (affected:
Cells Blog 3.3 Cross-Site Scripting and SQL Injection Vulnerabilities
No description provided by source. 1 Reflective XSS on 'msg=' PoC: http://localhost/cells-v3-3/errmsg.php?msg= %3C%2Fp%3E%3Cscript%3Ealert%28%27XSS%27%29%3B%3C%2Fscript%3E%3Cp%3E Vulnerable Code: + errmsg.php ? echo "img src='images/error.gif'"; if isset$GET"msg"$msg=$GET"msg";else$msg=""; if...