7 matches found
CVE-2023-34429
Weintek Weincloud v0.13.6 could allow an attacker to cause a denial-of-service condition for Weincloud by sending a forged JWT token...
Weintek Weincloud Authorization Issue Vulnerability
Weintek Weincloud is a cloud-based monitoring platform from Weintek, Inc. An authorization issue vulnerability exists in Weintek Weincloud version v0.13.6 that could allow an attacker to reset passwords using only the JWT token of the corresponding account...
Weintek Weincloud Security Vulnerability
Weintek Weincloud is a cloud-based monitoring platform from Weintek, Inc. A security vulnerability exists in Weintek Weincloud version v0.13.6 that allows an attacker to effectively brute-force credentials by exploiting an authentication hint in an error message...
PT-2023-5704 · Weintek · Weintek Weincloud
Name of the Vulnerable Software and Affected Versions: Weintek Weincloud version 0.13.6
Description: The issue is related to the incorrect handling of construction elements in the Weincloud cloud platform for managing industrial devices. An attacker could exploit this by sending a forged JWT toke...
Design/Logic Flaw
geminabox (aka Gem in a Box) before 0.13.6 has XSS, as demonstrated by uploading a gem file that has a crafted gem.homepage value in its .gemspec file...
CVE-2015-1585
Fat Free CRM before 0.13.6 allows remote attackers to conduct cross-site request forgery (CSRF) attacks via a request without the authenticity_token, as demonstrated by a crafted HTML page that creates a new administrator account...
Fat Free CRM 0.13.5 Cross Site Request Forgery
CVE-2015-1585 Fat Free CRM - CSRF Vulnerability in Version 0.13.5
Product Information:
Software: Fat Free CRM
Tested Version: 0.13.5, released 22.1.2015 with over 10.000 downloads
Vulnerability Type: Cross-Site Request Forgery, CSRF...