Show filters
5 Total Results
Displaying 1-5 of 5
Sort by:
Attacker Value
Unknown
CVE-2024-32739
Disclosure Date: May 14, 2024 (last updated May 15, 2024)
A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can leak sensitive information via the "query_ptask_verbose" function within MCUDBHelper.
0
Attacker Value
Unknown
CVE-2024-32738
Disclosure Date: May 14, 2024 (last updated May 15, 2024)
A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can leak sensitive information via the "query_ptask_lean" function within MCUDBHelper.
0
Attacker Value
Unknown
CVE-2024-32737
Disclosure Date: May 14, 2024 (last updated May 15, 2024)
A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can leak sensitive information via the "query_contract_result" function within MCUDBHelper.
0
Attacker Value
Unknown
CVE-2024-32736
Disclosure Date: May 14, 2024 (last updated May 15, 2024)
A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can leak sensitive information via the "query_utask_verbose" function within MCUDBHelper.
0
Attacker Value
Unknown
CVE-2024-32735
Disclosure Date: May 14, 2024 (last updated May 15, 2024)
An issue regarding missing authentication for certain utilities exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can access the PDNU REST APIs, which may result in compromise of the application.
0
