276 matches found
Panasonic WV-S2231L Camera Denial of Service (CVE-2020-29194)
Panasonic Security System WV-S2231L 4.25 allows a denial of service of the admin control panel which will require a physical reset to restore administrative control via Randomnum=99AC8CEC6E845B28&mode=1 in a POST request to the cgi-bin/setfactory URI. This plugin only works with Tenable.ot. Pleas...
PT-2023-25636 · Unknown · Boomerang Parental Control
Name of the Vulnerable Software and Affected Versions: Boomerang Parental Control application versions prior to 13.83 for Android Description: An issue was discovered in the Boomerang Parental Control application where the app is missing the android:allowBackup="false" attribute in the manifest...
Updates for Skype for Business Server 2019 (KB4470124)
Updates for Skype for Business Server 2019 KB4470124 This article specifies the applicability of Microsoft Skype for Business Server 2019 updates for each server role. Note: Skype for Business Server 2019, August 2025 update includes critical security updates for the Skype meetings application...
CVE-2023-42321
Cross Site Request Forgery CSRF vulnerability in icmsdev iCMSv.7.0.16 allows a remote attacker to execute arbitrary code via the user.admincp.php, members.admincp.php, and group.admincp.php files...
CVE-2023-42321
Cross Site Request Forgery CSRF vulnerability in icmsdev iCMSv.7.0.16 allows a remote attacker to execute arbitrary code via the user.admincp.php, members.admincp.php, and group.admincp.php files...
CVE-2023-39777
A cross-site scripting XSS vulnerability in the Admin Control Panel of vBulletin 5.7.5 and 6.0.0 allows attackers to execute arbitrary web scripts or HTML via the /login.php?do=login url parameter...
CVE-2023-39777
A cross-site scripting XSS vulnerability in the Admin Control Panel of vBulletin 5.7.5 and 6.0.0 allows attackers to execute arbitrary web scripts or HTML via the /login.php?do=login url parameter...
CVE-2023-39777
CVE-2023-39777 is a documented XSS vulnerability in the Admin Control Panel of vBulletin 5.7.5 and 6.0.0, exploitable via the /login.php?do=login URL parameter. The issue is caused by a cross-site scripting flaw that allows an attacker to run arbitrary web scripts or HTML in the context of an aff...
CVE-2023-39777
A cross-site scripting XSS vulnerability in the Admin Control Panel of vBulletin 5.7.5 and 6.0.0 allows attackers to execute arbitrary web scripts or HTML via the /login.php?do=login url parameter...
CVE-2023-39777
A cross-site scripting XSS vulnerability in the Admin Control Panel of vBulletin 5.7.5 and 6.0.0 allows attackers to execute arbitrary web scripts or HTML via the /login.php?do=login url parameter...
CVE-2023-39805
iCMS v7.0.16 was discovered to contain a SQL injection vulnerability via the where parameter at admincp.php...
Datalife Engine 10 SQL Injection
==================================================================================================================================== | Title : Datalife Engine v10 ir SQl injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2...
PT-2023-14787 · Mybb · Mybb
Name of the Vulnerable Software and Affected Versions: MyBB versions prior to 1.8.33 Description: The issue allows remote authenticated users with high privileges to achieve local file inclusion and execution through the Admin CP Languages module, due to a Directory Traversal vulnerability...
CVE-2022-43709
MyBB 1.8.31 has a SQL injection vulnerability in the Admin CP's Users module allows remote authenticated users to modify the query string via direct user input or stored search filter settings...
MyBB SQL注入漏洞
MyBB MyBulletinBoard is a free and web-based forum software developed by MYBB team using PHP and MySQL. The software is easy to use, supports multiple languages, scalable and so on. A SQL injection vulnerability exists in MyBB version 1.8.31, which originates from a cross-site scripting...
CVE-2022-43709
MyBB 1.8.31 has a SQL injection vulnerability in the Admin CP's Users module allows remote authenticated users to modify the query string via direct user input or stored search filter settings...
iCMS 代码问题漏洞
iCMS is a software application. An efficient and simple content management system built with PHP and MySQL. A security vulnerability exists in iCMS version v7.0.16, which originates from a server-side request forgery SSRF contained in the url parameter via admincp.php...
CVE-2022-41496
iCMS v7.0.16 was discovered to contain a Server-Side Request Forgery SSRF via the url parameter at admincp.php...
CVE-2022-30860
FUDforum 3.1.2 is vulnerable to Remote Code Execution through Upload File feature of File Administration System in Admin Control Panel...
CVE-2022-30863
FUDForum 3.1.2 is vulnerable to Cross Site Scripting XSS via pagetitle param in Page Manager in the Admin Control Panel...