CVE-2024-57587 |
Description: EasyVirt DCScope 8.6.0 and earlier and co2Scope 1.3.0 and earlier are vulnerable to SQL Injection on the authentication portal.
EPSS Score: 0.04%
February 1st, 2025 (5 months ago)
|
CVE-2024-57435 |
Description: In macrozheng mall-tiny 1.0.1, an attacker can send null data through the resource creation interface resulting in a null pointer dereference occurring in all subsequent operations that require authentication, which triggers a denial-of-service attack and service restart failure.
EPSS Score: 0.04%
February 1st, 2025 (5 months ago)
|
CVE-2024-57434 |
Description: macrozheng mall-tiny 1.0.1 is vulnerable to Incorrect Access Control. The project imports users by default, and the test user is made a super administrator.
EPSS Score: 0.04%
February 1st, 2025 (5 months ago)
|
CVE-2024-57433 |
Description: macrozheng mall-tiny 1.0.1 is vulnerable to Incorrect Access Control via the logout function. After a user logs out, their token is still available and fetches information in the logged-in state.
EPSS Score: 0.04%
February 1st, 2025 (5 months ago)
|
CVE-2024-57432 |
Description: macrozheng mall-tiny 1.0.1 suffers from Insecure Permissions. The application's JWT signing keys are hardcoded and do not change. User information is explicitly written into the JWT and used for subsequent privilege management, making it is possible to forge the JWT of any user to achieve authentication bypass.
EPSS Score: 0.04%
February 1st, 2025 (5 months ago)
|
CVE-2024-55062 |
Description: EasyVirt DCScope 8.6.0 and earlier and co2Scope 1.3.0 and earlier are vulnerable to Command injection.
EPSS Score: 0.04%
February 1st, 2025 (5 months ago)
|
CVE-2024-53584 |
Description: OpenPanel v0.3.4 was discovered to contain an OS command injection vulnerability via the timezone parameter.
EPSS Score: 0.04%
February 1st, 2025 (5 months ago)
|
CVE-2024-53582 |
Description: An issue found in the Copy and View functions in the File Manager component of OpenPanel v0.3.4 allows attackers to execute a directory traversal via a crafted HTTP request.
EPSS Score: 0.04%
February 1st, 2025 (5 months ago)
|
CVE-2024-53537 |
Description: An issue in OpenPanel v0.3.4 to v0.2.1 allows attackers to execute a directory traversal in File Actions of File Manager.
EPSS Score: 0.04%
February 1st, 2025 (5 months ago)
|
CVE-2024-53357 |
Description: In EasyVirt DCScope <=8.6.0 and CO2Scope <=1.3.0, the AES encryption keys used to encrypt passwords are not stored securely.
EPSS Score: 0.04%
February 1st, 2025 (5 months ago)
|