ByteOS Network

Gerencia Web

Source -

CNA

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

0Vulnerabilities found

CVE-2023-4392

Assigner-VulDB

View Details

Assigner-VulDB

CVSS Score-3.7||LOW

EPSS-0.05% / 15.86%

7 Day CHG~0.00%

Published-17 Aug, 2023 | 02:31

Updated-07 Oct, 2024 | 20:07

Control iD Gerencia Web Cookie cleartext storage

A vulnerability was found in Control iD Gerencia Web 1.30 and classified as problematic. Affected by this issue is some unknown functionality of the component Cookie Handler. The manipulation leads to cleartext storage of sensitive information. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-237380. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Vendor-assaabloy Control iD assaabloy

Product-control_id_gerencia_web Gerencia Web control_id_gerencia_web

CWE ID-CWE-312

Cleartext Storage of Sensitive Information

CVE-2023-0125

Assigner-VulDB

View Details

Assigner-VulDB

CVSS Score-2.4||LOW

EPSS-0.07% / 22.19%

7 Day CHG~0.00%

Published-09 Jan, 2023 | 20:51

Updated-02 Aug, 2024 | 05:02

Control iD Gerencia Web Web Interface cross site scripting

A vulnerability was found in Control iD Gerencia Web 1.30. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Web Interface. The manipulation of the argument Nome leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-217717 was assigned to this vulnerability.

Vendor-control_id_panel_project Control iD

Product-control_id_panel Gerencia Web

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')