19 matches found
CVE-2026-31066
UTT Aggressive HiPER 810G v3v1.7.7-171114 was discovered to contain a buffer overflow in the selDateType parameter of the formTaskEdit function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input...
CVE-2026-31066
creationtimestamp | type | source
---|---|---
2026-04-06 16:45:05+00:00 | seen | https://infosec.exchange/users/vuldb/statuses/116358768533650350...
CVE-2023-31066
Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.6.0. Different users in InLong could delete, edit, stop, and start others' sources! Users are advised to upgrade to Apache InLong's...
CVE-2010-2504
Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allows remote authenticated users to obtain sensitive information via HTTP header injection, aka SPL-31066...
CVE-2025-31066
Missing Authorization vulnerability in themeton Acerola acerola allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Acerola: from n/a through <= 1.6.5...
CVE-2025-31066 WordPress Acerola theme <= 1.6.5 - Broken Access Control Vulnerability
Missing Authorization vulnerability in themeton Acerola acerola allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Acerola: from n/a through <= 1.6.5...
CVE-2025-31066 WordPress Acerola theme <= 1.6.5 - Broken Access Control Vulnerability
Missing Authorization vulnerability in themeton Acerola acerola allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Acerola: from n/a through <= 1.6.5...
CVE-2025-31066
CVE-2025-31066 relates to a Missing Authorization vulnerability in the Themeton Acerola WordPress theme (versions <= 1.6.5). The issue stems from incorrectly configured access control levels, enabling unauthorized access (Broken Access Control). Public sources (Patchstack, CVE listings) consis...
WordPress Acerola Theme <= 1.6.5 is vulnerable to Broken Access Control
Software: Acerola; Type: Theme; Vulnerable versions: <= 1.6.5; Fixed in: N/A; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2025-31066; Patch priority: Low; CVSS severity: Low (5.3); PSID: 095f29f718c8; Credits: Tran Nguyen Bao Khanh VCI - VNPT Cyber...
CVE-2023-31066
creationtimestamp | type | source
---|---|---
2023-05-22 20:25:29+00:00 | published-proof-of-concept | https://t.me/cibsecurity/64545...
CVE-2023-31066
Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.6.0. Different users in InLong could delete, edit, stop, and start others' sources! Users are advised to upgrade to Apache InLong's...
CVE-2023-31066
CVE-2023-31066 affects Apache InLong versions 1.4.0–1.6.0. It enables different users to delete, edit, stop, and start others’ sources due to files/directories accessible to external parties. Remediation: upgrade to InLong 1.7.0 or cherry-pick PR #7775 (as referenced). If exploitation details are...
CVE-2023-31066 Apache InLong: Insecure direct object references for inlong sources
Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.6.0. Different users in InLong could delete, edit, stop, and start others' sources! Users are advised to upgrade to Apache InLong's...
CVE-2022-31066 Configuration API in EdgeXFoundry exposes message bus credentials to local unauthenticated users
EdgeX Foundry is an open source project for building a common open framework for Internet of Things edge computing. Prior to version 2.1.1, the /api/v2/config endpoint exposes message bus credentials to local unauthenticated users. In security-enabled mode, message bus credentials are supposed to...
CVE-2022-31066
CVE-2022-31066 affects EdgeXFoundry up to version 2.1.1, where the /api/v2/config endpoint exposes message bus credentials to local unauthenticated users. In security-enabled mode, credentials should be stored in the secret store, but access controls are bypassed, allowing interception or injecti...
CVE-2022-31066 Configuration API in EdgeXFoundry exposes message bus credentials to local unauthenticated users
EdgeX Foundry is an open source project for building a common open framework for Internet of Things edge computing. Prior to version 2.1.1, the /api/v2/config endpoint exposes message bus credentials to local unauthenticated users. In security-enabled mode, message bus credentials are supposed to...
CVE-2021-31066
...
CVE-2021-31066
This CVE-2021-31066 entry is rejected and not used; it does not represent an active vulnerability.
CVE-2010-2504
CVE-2010-2504 affects Splunk 4.0–4.0.10 and 4.1–4.1.1. The issue is HTTP header injection that allows remote authenticated users to obtain sensitive information (SPL-31066). Root cause details beyond “HTTP header injection” are not provided in the connected documents. Impact is noted as exposure ...