Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2024-04-14
Med.
Med.
Low
Med.
Low
Med.
Low
Med.
2024-04-11
Med.
Med.
High
Low
High

The latest CVEs

2024-04-15
CVE-2024-29836
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly configured access control, allowing for an unauthenticated attacker to update and add user profiles within the application, and gain full access of the site.
CVE-2024-29837
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below uses poor session management, allowing for an unauthenticated attacker to access administrator functionality if any other user is already signed in.
CVE-2024-29838
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below does not proper sanitize user input, allowing for an unauthenticated attacker to crash the controller software
CVE-2024-29839
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly configured access control on DESKTOP_EDIT_USER_GET_CARD, allowing for an unauthenticated attacker to return the card value data of any user
CVE-2024-29840
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly configured access control on DESKTOP_EDIT_USER_GET_PIN_FIELDS, allowing for an unauthenticated attacker to return the pin value of any user
CVE-2024-29841
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly configured access control on DESKTOP_EDIT_USER_GET_KEYS_FIELDS, allowing for an unauthenticated attacker to return the keys value of any user
CVE-2024-29842
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly configured access control on DESKTOP_EDIT_USER_GET_ABACARD_FIELDS, allowing for an unauthenticated attacker to return the abacard field of any user
CVE-2024-29843
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly configured access control on MOBILE_GET_USERS_LIST, allowing for an unauthenticated attacker to enumerate all users and their access levels
CVE-2024-29844
Default credentials on the Web Interface of Evolution Controller 2.x (123 and 123) allows anyone to log in to the server directly to perform administrative functions. Upon installation or upon first login, the application does not ask the user to change the password. There is no warning or prompt to ask the user to change the default password.
CVE-2024-3766
A vulnerability, which was classified as problematic, has been found in slowlyo OwlAdmin up to 3.5.7. Affected by this issue is some unknown functionality of the file /admin-api/upload_image of the component Image File Upload. The manipulation of the argument file leads to cross site scripting. The attack may be launched remotely. The exploit has b...

Dorks

2024-04-14
Med.
Bigem Teknoloji - Sql Injection
"Designed by Bigem Teknoloji"
behrouz mansoori
2024-04-06
Med.
SolarView Compact 6.00 - Command Injection
http.html:"solarview compact"
parsa rezaie khiabanloo
2024-03-30
High
SolarView Compact 6.00 - Command Injection Bypass authentication( CVE-2023-23333 )
http.html:"solarview compact"
parsa rezaie khiabanloo
2024-03-24
Med.
Chenarkhayyam - Sql Injection And Waf , Cdn Bypass
"طراحی شده توسط سایت چنار خیام"
parsa rezaie khiabanloo
2024-03-20
High
SolarView Compact 6.00 Command Injection( CVE-2023-23333 )
http.html:"solarview compact"
ByteHunter

Copyright 2024, cxsecurity.com

 

Back to Top