Viewpower@2.0-22165 Security Vulnerabilities and Issues — Viewpower@2.0-22165 CVE List

Lucene search

VoltronicpowerViewpower2.0-22165

10 matches found

CVE•added 2024/05/03 3:16 a.m.•50 views

CVE-2023-51590

Voltronic Power ViewPower Pro UpLoadAction Unrestricted File Upload Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The...

9.8CVSS9.8AI score0.03398EPSS

CVE•added 2024/04/01 10:15 p.m.•48 views

CVE-2023-51572

Voltronic Power ViewPower Pro getMacAddressByIp Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The s...

9.8CVSS10AI score0.3312EPSS

CVE•added 2024/05/03 3:16 a.m.•47 views

CVE-2023-51595

Voltronic Power ViewPower Pro selectDeviceListBy SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The spec...

9.8CVSS9.9AI score0.30238EPSS

CVE•added 2024/05/03 3:16 a.m.•44 views

CVE-2023-51591

Voltronic Power ViewPower Pro doDocument XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulne...

7.5CVSS6.2AI score0.00139EPSS

CVE•added 2024/05/03 3:16 a.m.•43 views

CVE-2023-51586

Voltronic Power ViewPower Pro selectEventConfig SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The speci...

9.8CVSS9.9AI score0.07647EPSS

CVE•added 2024/05/03 3:16 a.m.•43 views

CVE-2023-51593

Voltronic Power ViewPower Pro Expression Language Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The specifi...

9.8CVSS9.9AI score0.02018EPSS

CVE•added 2024/05/03 3:16 a.m.•42 views

CVE-2023-51588

Voltronic Power ViewPower Pro MySQL Use of Hard-coded Credentials Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Voltronic Power ViewPower Pro. An attacker must first obtain the ability to execute low-privilege...

7.8CVSS7.8AI score0.00054EPSS

CVE•added 2024/04/01 10:15 p.m.•40 views

CVE-2023-51571

Voltronic Power ViewPower Pro SocketService Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerabi...

7.5CVSS7.8AI score0.00551EPSS

CVE•added 2024/04/01 10:15 p.m.•39 views

CVE-2023-51573

Voltronic Power ViewPower Pro updateManagerPassword Exposed Dangerous Function Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerab...

9.8CVSS9.7AI score0.00615EPSS

CVE•added 2024/04/01 10:15 p.m.•38 views

CVE-2023-51570

Voltronic Power ViewPower Pro Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The spe...

9.8CVSS9.9AI score0.03454EPSS