Vulnerabilidades em Plug&Track
7 resultadosCVE-2024-31199HIGHA “CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')” allows malicious users to permanently injecEPSS 0.3%CVE-2024-3083HIGHA “CWE-352: Cross-Site Request Forgery (CSRF)” can be exploited by remote attackers to perform state-changing operations with administrativeEPSS 0.2%CVE-2024-31200MEDIUMA “CWE-201: Insertion of Sensitive Information Into Sent Data” affecting the administrative account allows an attacker with physical access EPSS 0.2%CVE-2024-31201MEDIUMA “CWE-428: Unquoted Search Path or Element” affects the ThermoscanIP_Scrutation service. Such misconfiguration could be abused in scenariosEPSS 0.2%CVE-2024-31202HIGHA “CWE-732: Incorrect Permission Assignment for Critical Resource” in the ThermoscanIP installation folder allows a local attacker to perforEPSS 0.2%CVE-2024-31203LOWA “CWE-121: Stack-based Buffer Overflow” in the wd210std.dll dynamic library packaged with the ThermoscanIP installer allows a local attackeEPSS 0.1%CVE-2024-3082MEDIUMA “CWE-256: Plaintext Storage of a Password” affecting the administrative account allows an attacker with physical access to the machine to EPSS 0.1%