NVD disclosure day
CVE-2024-6878
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A vulnerability in the Eliz Software Panel allows external parties to access files or directories. This could enable an attacker to collect sensitive data from common resource locations. This poses a risk to affected organizations and their data.
CVE-2024-6877
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A vulnerability in Eliz Software Panel allows for cross-site scripting, potentially impacting data and user sessions. The risk arises from improper input handling, enabling attackers to inject malicious code via user interaction. This could lead to unauthorized actions and data compromise for affected organizations.
CVE-2024-5960
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A vulnerability in Eliz Software Panel permits the storage of passwords in plaintext. This could allow unauthorized access to systems and data. The realistic business risk involves potential data exposure and unauthorized system control.
CVE-2024-5959
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A stored cross-site scripting vulnerability in Eliz Software Panel can allow attackers to inject malicious scripts into web pages, potentially leading to unauthorized data access or content manipulation. This poses a risk to affected organizations by enabling script execution within the panel, which can impact user ses
CVE-2024-5958
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A vulnerability in Eliz Software Panel allows unauthorized command execution via SQL injection. This impacts systems running the affected panel, creating risks to data and operational integrity for organizations. Attackers can exploit this flaw without authentication, leading to potential data compromise and system dis