Show filters
12 Total Results
Displaying 1-10 of 12
Sort by:
Attacker Value
Unknown

CVE-2024-6415

Disclosure Date: June 30, 2024 (last updated February 26, 2025)
A vulnerability classified as problematic was found in Ingenico Estate Manager 2023. Affected by this vulnerability is an unknown functionality of the file /emgui/rest/preferences/PREF_HOME_PAGE/sponsor/3/ of the component New Widget Handler. The manipulation of the argument URL leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-270001 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
0
0
Attacker Value
Unknown

CVE-2024-6059

Disclosure Date: June 17, 2024 (last updated February 26, 2025)
A vulnerability, which was classified as problematic, has been found in Ingenico Estate Manager 2023. This issue affects some unknown processing of the file /emgui/rest/ums/messages of the component News Feed. The manipulation of the argument message leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-268787. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2018-17769

Disclosure Date: September 09, 2020 (last updated February 22, 2025)
Ingenico Telium 2 POS terminals have a buffer overflow via the 0x26 command of the NTPT3 protocol. This is fixed in Telium 2 SDK v9.32.03 patch N.
Attack Vector: PhysicalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2018-17774

Disclosure Date: September 09, 2020 (last updated November 28, 2024)
Ingenico Telium 2 POS terminals have an insecure NTPT3 protocol. This is fixed in Telium 2 SDK v9.32.03 patch N.
Attack Vector: PhysicalPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2018-17770

Disclosure Date: September 09, 2020 (last updated February 22, 2025)
Ingenico Telium 2 POS terminals have a buffer overflow via the RemotePutFile command of the NTPT3 protocol. This is fixed in Telium 2 SDK v9.32.03 patch N.
Attack Vector: PhysicalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2018-17772

Disclosure Date: September 09, 2020 (last updated November 28, 2024)
Ingenico Telium 2 POS terminals allow arbitrary code execution via the TRACE protocol. This is fixed in Telium 2 SDK v9.32.03 patch N.
Attack Vector: PhysicalPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2018-17768

Disclosure Date: September 09, 2020 (last updated November 28, 2024)
Ingenico Telium 2 POS terminals have an insecure TRACE protocol. This is fixed in Telium 2 SDK v9.32.03 patch N.
Attack Vector: PhysicalPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2018-17765

Disclosure Date: September 09, 2020 (last updated November 28, 2024)
Ingenico Telium 2 POS terminals have undeclared TRACE protocol commands. This is fixed in Telium 2 SDK v9.32.03 patch N.
Attack Vector: PhysicalPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2018-17771

Disclosure Date: September 09, 2020 (last updated February 22, 2025)
Ingenico Telium 2 POS terminals have hardcoded FTP credentials. This is fixed in Telium 2 SDK v9.32.03 patch N.
Attack Vector: PhysicalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2018-17773

Disclosure Date: September 09, 2020 (last updated February 22, 2025)
Ingenico Telium 2 POS terminals have a buffer overflow via SOCKET_TASK in the NTPT3 protocol. This is fixed in Telium 2 SDK v9.32.03 patch N.
Attack Vector: PhysicalPrivileges: NoneUser Interaction: None
0
0
View More Topics  Next >