d4lyw

3 exploits Active since Aug 2024
CVE-2024-46627 NOMISEC CRITICAL WRITEUP
BECN DATAGERRY v2.2 - Improper Access Control
Incorrect access control in BECN DATAGERRY v2.2 allows attackers to execute arbitrary commands via crafted web requests.
CVSS 9.1
CVE-2024-45241 NOMISEC HIGH WRITEUP
CentralSquare CryWolf - Path Traversal
A traversal vulnerability in GeneralDocs.aspx in CentralSquare CryWolf (False Alarm Management) through 2024-08-09 allows unauthenticated attackers to read files outside of the working web directory via the rpt parameter, leading to the disclosure of sensitive information.
CVSS 7.5
CVE-2024-45241 WRITEUP HIGH WRITEUP
CentralSquare CryWolf - Path Traversal
A traversal vulnerability in GeneralDocs.aspx in CentralSquare CryWolf (False Alarm Management) through 2024-08-09 allows unauthenticated attackers to read files outside of the working web directory via the rpt parameter, leading to the disclosure of sensitive information.
CVSS 7.5