6 matches found
Ubiquiti多款产品 安全漏洞
Ubiquiti UniFi Access Reader and others are products of Ubiquiti, U.S.A. Ubiquiti UniFi Access Reader is an access control system viewer device.Ubiquiti UniFi Access Intercom is an intercom system device. Ubiquiti UniFi Access Reader Pro is a card reader and access control intercom device. A...
CVE-2024-23831
LedgerSMB is a free web-based double-entry accounting system. When a LedgerSMB database administrator has an active session in /setup.pl, an attacker can trick the admin into clicking on a link which automatically submits a request to setup.pl without the admin's consent. This request can be used...
Privilege escalation
LedgerSMB is a free web-based double-entry accounting system. When a LedgerSMB database administrator has an active session in /setup.pl, an attacker can trick the admin into clicking on a link which automatically submits a request to setup.pl without the admin's consent. This request can be used...
CVE-2024-23831 Privilege escalation through CSRF attack on 'setup.pl'
LedgerSMB is a free web-based double-entry accounting system. When a LedgerSMB database administrator has an active session in /setup.pl, an attacker can trick the admin into clicking on a link which automatically submits a request to setup.pl without the admin's consent. This request can be used...
CVE-2024-23831 Privilege escalation through CSRF attack on 'setup.pl'
LedgerSMB is a free web-based double-entry accounting system. When a LedgerSMB database administrator has an active session in /setup.pl, an attacker can trick the admin into clicking on a link which automatically submits a request to setup.pl without the admin's consent. This request can be used...
PT-2021-11780 · D-Bus +3 · D-Bus +3
Name of the Vulnerable Software and Affected Versions: D-Bus Development branch versions 1.13.16 and earlier D-Bus versions 1.12.18 and earlier D-Bus versions 1.10.30 and earlier Description: A use-after-free flaw was found in D-Bus when a system has multiple usernames sharing the same UID. When ...