Vulnerabilidades

*** Pendiente de traducción *** A vulnerability exists in a SDM600 endpoint.<br /> An attacker could exploit this vulnerability by running multiple parallel requests, the SDM600 web services become busy rendering the application unresponsive.<br /> This issue affects: All SDM600 versions prior to version 1.2 FP3 HF4 (Build Nr. 1.2.23000.291)<br /> <br /> <br /> <br /> List of CPEs:<br /> <br /> <br /> * cpe:2.3:a:hitachienergy:sdm600:1.0:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.1:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.9002.257:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.10002.257:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.11002.149:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.12002.222:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.13002.72:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.44:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.92:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.108:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.182:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.257:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.342:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.447:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.481:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.506:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.566:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.20000.3174:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.21000.291:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.21000.931:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.21000.105:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.23000.291:*:*:*:*:*:*:*<br /> <br /> <br />

*** Pendiente de traducción *** A vulnerability exists in the SDM600 API web services authorization validation implementation. <br /> An attacker who successfully exploits the vulnerability could read data directly from a data store that is not restricted, or insufficiently protected, having access to sensitive data.<br /> <br /> <br /> <br /> This issue affects: All SDM600 versions prior to version 1.2 FP3 HF4 (Build Nr. 1.2.23000.291)<br /> <br /> <br /> <br /> List of CPEs:<br /> <br /> <br /> * cpe:2.3:a:hitachienergy:sdm600:1.0:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.1:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.9002.257:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.10002.257:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.11002.149:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.12002.222:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.13002.72:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.44:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.92:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.108:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.182:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.257:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.342:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.447:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.481:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.506:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.566:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.20000.3174:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.21000.291:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.21000.931:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.21000.105:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.23000.291:*:*:*:*:*:*:*<br /> <br /> <br /> <br /> <br />

*** Pendiente de traducción *** A vulnerability exists in the SDM600 file permission validation. <br /> An attacker could exploit the vulnerability by gaining access to the system and uploading a specially crafted message to the system node, which could result in Arbitrary code Executing.<br /> <br /> <br /> <br /> This issue affects: All SDM600 versions prior to version 1.2 FP3 HF4 (Build Nr. 1.2.23000.291)<br /> <br /> <br /> <br /> List of CPEs:<br /> <br /> <br /> * cpe:2.3:a:hitachienergy:sdm600:1.0:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.1:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.9002.257:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.10002.257:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.11002.149:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.12002.222:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.13002.72:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.44:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.92:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.108:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.182:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.257:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.342:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.447:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.481:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.506:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.14002.566:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.20000.3174:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.21000.291:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.21000.931:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.21000.105:*:*:*:*:*:*:*<br /> * cpe:2.3:a:hitachienergy:sdm600:1.2.23000.291:*:*:*:*:*:*:*<br /> <br /> <br /> <br /> <br />

*** Pendiente de traducción *** Improper Neutralization of Special Elements used in an SQL Command (&amp;#39;SQL Injection&amp;#39;) vulnerability in Apache Software Foundation Apache Fineract.<br /> Authorized users may be able to change or add data in certain components.  <br /> <br /> This issue affects Apache Fineract: from 1.4 through 1.8.2.<br /> <br />

*** Pendiente de traducción *** Improper Neutralization of Special Elements used in an SQL Command (&amp;#39;SQL Injection&amp;#39;) vulnerability in Apache Software Foundation apache fineract.<br /> Authorized users may be able to exploit this for limited impact on components.  <br /> <br /> This issue affects apache fineract: from 1.4 through 1.8.2.<br /> <br />

*** Pendiente de traducción *** Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache Fineract.<br /> Authorized users with limited permissions can gain access to server and may be able to use server for any outbound traffic. <br /> <br /> This issue affects Apache Fineract: from 1.4 through 1.8.3.<br /> <br />

*** Pendiente de traducción *** Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin

*** Pendiente de traducción *** Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mehjabin Orthi Interactive SVG Image Map Builder plugin

*** Pendiente de traducción *** Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Event Manager plugin

*** Pendiente de traducción *** Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in iThemes WPComplete plugin

*** Pendiente de traducción *** Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in biplob018 Image Hover Effects for Elementor with Lightbox and Flipbox plugin 

*** Pendiente de traducción *** Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Themeisle Visualizer: Tables and Charts Manager for WordPress plugin