23 matches found
EUVD-2021-19388
Malware in sbrugna...
EUVD-2024-41526
Malicious code in bioql PyPI...
CVE-2024-45588
This vulnerability exists in Symphony XTS Web Trading platform version 2.0.0.1P160 due to improper access controls on APIs in the Preference module of the application. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which could lea...
CVE-2024-45587
This vulnerability exists in Symphony XTS Web Trading platform version 2.0.0.1P160 due to improper access controls on APIs in the Transaction module of vulnerable application. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which...
CVE-2024-45586
This vulnerability exists due to improper access controls on APIs in the Authentication module of Symphony XTS Web Trading and Mobile Trading platforms version 2.0.0.1P160. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which coul...
CVE-2024-45588
This vulnerability exists in Symphony XTS Web Trading platform version 2.0.0.1P160 due to improper access controls on APIs in the Preference module of the application. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which could lea...
CVE-2024-45588
This vulnerability exists in Symphony XTS Web Trading platform version 2.0.0.1P160 due to improper access controls on APIs in the Preference module of the application. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which could lea...
CVE-2024-45586
This vulnerability exists due to improper access controls on APIs in the Authentication module of Symphony XTS Web Trading and Mobile Trading platforms version 2.0.0.1P160. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which coul...
CVE-2024-45587
This vulnerability exists in Symphony XTS Web Trading platform version 2.0.0.1P160 due to improper access controls on APIs in the Transaction module of vulnerable application. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which...
CVE-2024-45586
This vulnerability exists due to improper access controls on APIs in the Authentication module of Symphony XTS Web Trading and Mobile Trading platforms version 2.0.0.1P160. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which coul...
CVE-2024-45588 Information Disclosure Vulnerability
This vulnerability exists in Symphony XTS Web Trading platform version 2.0.0.1P160 due to improper access controls on APIs in the Preference module of the application. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which could lea...
CVE-2024-45588 Information Disclosure Vulnerability
This vulnerability exists in Symphony XTS Web Trading platform version 2.0.0.1P160 due to improper access controls on APIs in the Preference module of the application. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which could lea...
CVE-2024-45588
The CVE-2024-45588 entry describes a vulnerability in Symphony XTS Web Trading platform, version 2.0.0.1_P160, caused by improper access controls in the APIs of the Preference module. An authenticated remote attacker can manipulate HTTP parameters to access and modify sensitive information belong...
CVE-2024-45587 Unauthorized Modification Vulnerability
This vulnerability exists in Symphony XTS Web Trading platform version 2.0.0.1P160 due to improper access controls on APIs in the Transaction module of vulnerable application. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which...
CVE-2024-45587 Unauthorized Modification Vulnerability
This vulnerability exists in Symphony XTS Web Trading platform version 2.0.0.1P160 due to improper access controls on APIs in the Transaction module of vulnerable application. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which...
CVE-2024-45587
The CVE-2024-45587 issue affects Symphony XTS Web Trading platform 2.0.0.1_P160, arising from improper access controls in the APIs of the Transaction module. An authenticated remote attacker could manipulate parameters via HTTP requests to compromise other user accounts. The vulnerability is docu...
CVE-2024-45586
CVE-2024-45586 affects Symphony XTS Web Trading and Mobile Trading platforms, version 2.0.0.1_P160. The root cause is improper access controls in the Authentication module’s APIs. An authenticated, remote attacker can manipulate HTTP request parameters to perform an unauthorized account takeover ...
PT-2024-31689 · Unknown · Symphony Xts Mobile Trading +1
Name of the Vulnerable Software and Affected Versions: Symphony XTS Web Trading and Mobile Trading platforms version 2.0.0.1 P160 Description: This issue exists due to improper access controls on APIs in the Authentication module. An authenticated remote attacker could exploit this by manipulatin...
PT-2024-31690 · Unknown · Symphony Xts Web Trading Platform
Name of the Vulnerable Software and Affected Versions: Symphony XTS Web Trading platform version 2.0.0.1 P160 Description: This issue exists due to improper access controls on APIs in the Transaction module of the vulnerable application. An authenticated remote attacker could exploit this by...
CVE-2021-32542
The parameters of the specific functions in the CTS Web trading system do not filter special characters, which allows unauthenticated attackers can remotely perform reflected XSS and obtain the users’ connection token that triggered the attack...