CVE-2025-13474

Authorization Bypass Through User-Controlled Key vulnerability in Menulux Software Inc. Mobile App allows Exploitation of Trusted Identifiers. This issue affects Mobile App: before 9.5.8...

CVE-2025-13474

Authorization Bypass Through User-Controlled Key vulnerability in Menulux Software Inc. Mobile App allows Exploitation of Trusted Identifiers. This issue affects Mobile App: before 9.5.8...

CVE-2019-13474

TELESTAR Bobs Rock Radio, Dabman D10, Dabman i30 Stereo, Imperial i110, Imperial i150, Imperial i200, Imperial i200-cd, Imperial i400, Imperial i450, Imperial i500-bt, and Imperial i600 TN81HH96-g102h-g102 devices have insufficient access control for the /setdname, /mylogo, /LocalPlay,...

CVE-2024-13474

creationtimestamp| type| source ---|---|--- 2025-02-22 05:18:51+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5016 2025-02-22 08:18:42+00:00| seen| https://t.me/cvedetector/18708...

CVE-2024-13474 LTL Freight Quotes – Purolator Edition <= 2.2.3 - Unauthenticated SQL Injection

The LTL Freight Quotes – Purolator Edition plugin for WordPress is vulnerable to SQL Injection via the 'dropshipeditid' and 'editid' parameters in all versions up to, and including, 2.2.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existin...

CVE-2020-13474

In NCH Express Accounts 8.24 and earlier, an authenticated low-privilege user can enter a crafted URL to access higher-privileged functionalities such as Add/Edit users...

CVE-2020-13474

Affected software: NCH Express Accounts 8.24 and earlier. Vulnerability: an authenticated low-privilege user can craft a URL to access higher-privileged functionalities (e.g., Add/Edit users), indicating a privilege-escalation issue rooted in URL-based access control. Impact: as described, it ena...

CVE-2019-13474

TELESTAR Bobs Rock Radio, Dabman D10, Dabman i30 Stereo, Imperial i110, Imperial i150, Imperial i200, Imperial i200-cd, Imperial i400, Imperial i450, Imperial i500-bt, and Imperial i600 TN81HH96-g102h-g102 devices have insufficient access control for the /setdname, /mylogo, /LocalPlay,...

CVE-2019-13474

CVE-2019-13474 affects TELESTAR Bobs Rock Radio, and various Dabman/Imperial model radios. The initial documents describe an insufficient access control issue for a set of commands exposed over the device interfaces: /set_dname, /mylogo, /LocalPlay, /irdevice.xml, /Sendkey, /setvol, /hotkeylist, ...

Telnet Backdoor Opens More Than 1M IoT Radios to Hijack

Imperial Dabman IoT radios have a weak password vulnerability that could allow a remote attacker to achieve root access to the gadgets’ embedded Linux BusyBox operating system, gaining control over the device. Adversaries can deliver malware, add a compromised radio to a botnet, send custom audio...