38 matches found
EUVD-2025-206982
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in TR7 Cyber Defense Inc. Web Application Firewall allows Phishing.This issue affects Web Application Firewall: from 4.30 through 16022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...
CVE-2025-2418
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in TR7 Cyber Defense Inc. Web Application Firewall allows Phishing. This issue affects Web Application Firewall: from 4.30 before v1.4.0.117...
CVE-2025-2418 Open Redirect in TR7's Web Application Firewall
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in TR7 Cyber Defense Inc. Web Application Firewall allows Phishing. This issue affects Web Application Firewall: from 4.30 before v1.4.0.117...
CVE-2025-2418 Open Redirect in TR7's Web Application Firewall
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in TR7 Cyber Defense Inc. Web Application Firewall allows Phishing. This issue affects Web Application Firewall: from 4.30 before v1.4.0.117...
CVE-2025-2418
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in TR7 Cyber Defense Inc. Web Application Firewall allows Phishing. This issue affects Web Application Firewall: from 4.30 before v1.4.0.117...
Splinterware iDailyDiary security vulnerability
Splinterware iDailyDiary is a log management software developed by Splinterware Corporation. Version 4.30 of Splinterware iDailyDiary contains a security vulnerability. This vulnerability stems from a buffer overflow in the name field of the preferences tab, which could lead to a denial-of-servic...
CVE-2024-0522
A vulnerability was found in Allegro RomPager 4.01. It has been classified as problematic. Affected is an unknown function of the file usertable.htm?action=delete of the component HTTP POST Request Handler. The manipulation of the argument username leads to cross-site request forgery. It is...
CVE-2021-26916
In nopCommerce 4.30, a Reflected XSS issue in the Discount Coupon component allows remote attackers to inject arbitrary web script or HTML through the Filters/CheckDiscountCouponAttribute.cs discountcode parameter...
Exploit for CVE-2024-7954
RCE-CVE-2024-7954 Description The porteplume plugin,...
PT-2023-7789 · Zyxel · Zyxel Usg Flex Series +4
Name of the Vulnerable Software and Affected Versions: Zyxel ATP series versions 4.32 through 5.35 Zyxel USG FLEX series versions 4.50 through 5.35 Zyxel USG FLEX 50W versions 4.16 through 5.35 Zyxel USG20W-VPN versions 4.16 through 5.35 Zyxel VPN series versions 4.30 through 5.35 Description: Th...
ZyXEL ZyWALL USG 操作系统命令注入漏洞
Zyxel ZyXEL ZyWALL USG is a network security firewall appliance from China Hopkins Zyxel. A security vulnerability exists in Zyxel ZyWALL/USG versions 4.20 to 4.72, VPN versions 4.30 to 5.32, USG FLEX versions 4.50 to 5.32, and ATP versions 4.32 to 5.32. The vulnerability stems from a...
CVE-2022-29619
Under certain conditions SAP BusinessObjects Business Intelligence Platform 4.x - versions 420,430 allows user Administrator to view, edit or modify rights of objects it doesn't own and which would otherwise be restricted...
iDailyDiary 4.30 - Denial of Service Exploit
Exploit Title: iDailyDiary 4.30 - Denial of Service PoC Exploit Author: Ismael Nava Vendor Homepage: https://www.splinterware.com/index.html Software Link: https://www.splinterware.com/download/iddfree.exe Version: 4.30 Tested on: Windows 10 Home x64 STEPS Open the program iDailyDiary Create a Ne...
nopCommerce Cross-Site Scripting Vulnerability (CNVD-2021-01555)
nopCommerce is a set of open source general e-commerce platform. A cross-site scripting vulnerability exists in nopCommerce Store version 4.30, which stems from the Schedule tasks name field not being effectively filtered for XSS statements. This vulnerability allows an attacker to inject an XSS...
nopCommerce 跨站脚本漏洞
nopCommerce is a set of open source general e-commerce platform. A cross-site scripting vulnerability exists in nopCommerce Store version 4.30, which stems from the Schedule tasks name field not being effectively filtered for XSS statements. This vulnerability allows an attacker to inject an XSS...
CVE-2020-25014
A stack-based buffer overflow in fbwificontinue.cgi on Zyxel UTM and VPN series of gateways running firmware version V4.30 through to V4.55 allows remote unauthenticated attackers to execute arbitrary code via a crafted http packet...
Zyxel UTM and Zyxel Gateway VPN series Buffer Error Vulnerability
Welkin Technology Zyxel UTM is a unified threat management appliance from Welkin Technology, China. Welkin Technologies Zyxel Gateway VPN series is a series of VPN routers from Welkin Technologies, China that provide secure access. VPNs supported by this router include IPSec, L2TP over IPSec, PPT...
CVE-2020-7378
CRIXP OpenCRX version 4.30 and 5.0-20200717 and prior suffers from an unverified password change vulnerability. An attacker who is able to connect to the affected OpenCRX instance can change the password of any user, including admin-Standard, to any chosen value. This issue was resolved in versio...
Design/Logic Flaw
CRIXP OpenCRX version 4.30 and 5.0-20200717 and prior suffers from an unverified password change vulnerability. An attacker who is able to connect to the affected OpenCRX instance can change the password of any user, including admin-Standard, to any chosen value. This issue was resolved in versio...
CVE-2020-7378 CRIXP OpenCRX Unverified Password Change
CRIXP OpenCRX version 4.30 and 5.0-20200717 and prior suffers from an unverified password change vulnerability. An attacker who is able to connect to the affected OpenCRX instance can change the password of any user, including admin-Standard, to any chosen value. This issue was resolved in versio...