IDCVSSSummaryLast (major) updatePublished
CVE-2012-6427 7.5
Multiple SQL injection vulnerabilities in Carlo Gavazzi EOS-Box with firmware before 1.0.0.1080_2.1.10 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, a similar issue to CVE-2012-5861.
24-12-2012 - 05:00 23-12-2012 - 21:55
CVE-2012-6428 10.0
Carlo Gavazzi EOS-Box with firmware before 1.0.0.1080_2.1.10 establishes multiple hardcoded accounts, which makes it easier for remote attackers to obtain administrative access by reading a password in a PHP script, a similar issue to CVE-2012-5862.
08-01-2013 - 05:00 23-12-2012 - 21:55
Back to Top Mark selected
Back to Top