| # | CVSS | Severity | Vector | Vendor | Product | Description | CWE | CVE | Updated | Published |
|---|---|---|---|---|---|---|---|---|---|---|
| 421 | - | - | - | | | Comarch ERP XL client is vulnerable to an MS SQL protocol downgrade request from the server side, which could lead to unencrypted communication vulnerable to data interception and modification. This is… | - | CVE-2023-4537 | 2024-10-11 01:15 | 2024-02-15 |
| 422 | 5.4 | MEDIUM | Network | megabip smod | megabip smodbip | Improper Input Validation vulnerability in MegaBIP and the already unsupported SmodBIP software allows for Stored XSS. This issue affects SmodBIP in all versions and MegaBIP in versions up to 4.36.2. Meg… | CWE-79 Cross-site Scripting | CVE-2023-5378 | 2024-10-11 01:15 | 2024-01-29 |
| 423 | 7.6 | HIGH | Physical | paxtechnology | paydroid | PAX A920 device allows downgrading the bootloader due to a bug in its version check. The signature is correctly checked and only a bootloader signed by PAX can be used. The attacker must have physica… | CWE-74 Injection | CVE-2023-4818 | 2024-10-11 01:15 | 2024-01-15 |
| 424 | 7.8 | HIGH | Local | paxtechnology | paydroid | PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can allow for command execution with high privileges by using malicious symlinks. The attacker must have… | CWE-59 Link Following | CVE-2023-42137 | 2024-10-11 01:15 | 2024-01-15 |
| 425 | 7.8 | HIGH | Local | paxtechnology | paydroid | PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can allow the execution of arbitrary commands with system account privilege by shell injection starting with… | CWE-74 Injection | CVE-2023-42136 | 2024-10-11 01:15 | 2024-01-15 |
| 426 | 6.8 | MEDIUM | Physical | paxtechnology | paydroid | PAX A920Pro/A50 devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can allow local code execution via parameter injection by bypassing the input validation when flashing a specific … | CWE-74 Injection | CVE-2023-42135 | 2024-10-11 01:15 | 2024-01-15 |
| 427 | 9.8 | CRITICAL | Network | hongdian | h8951-4g-esp_firmware | The authentication mechanism can be bypassed by overflowing the value of the Cookie "authentication" field, provided there is an active user session. | CWE-287 Improper Authentication | CVE-2023-49262 | 2024-10-11 01:15 | 2024-01-13 |
| 428 | 7.5 | HIGH | Network | hongdian | h8951-4g-esp_firmware | The "tokenKey" value used in user authorization is visible in the HTML source of the login page. | NVD-CWE-noinfo | CVE-2023-49261 | 2024-10-11 01:15 | 2024-01-13 |
| 429 | 7.5 | HIGH | Network | hongdian | h8951-4g-esp_firmware | The authentication cookies are generated using an algorithm based on the username, a hardcoded secret and the up-time, and can be guessed in a reasonable time. | CWE-327 Use of a Broken or Risky Cryptographic Algorithm | CVE-2023-49259 | 2024-10-11 01:15 | 2024-01-13 |
| 430 | 8.8 | HIGH | Network | hongdian | h8951-4g-esp_firmware | An authenticated user is able to upload an arbitrary CGI-compatible file using the certificate upload utility and execute it with root user privileges. | CWE-732 Incorrect Permission Assignment for Critical Resource | CVE-2023-49257 | 2024-10-11 01:15 | 2024-01-13 |