40 matches found
CVE-2026-8480 Connection possible to the Administration portal with a revoked certificate
A vulnerability was discovered on Stormshield Network Security 4.3.0 to 4.3.41 included, 4.4.0 to 4.8.15 included , 5.0.2 EA to 5.0.5 included A revoked client certificate can still be used to authenticate to the captive‑admin portal, allowing an attacker who possesses the revoked certificate to...
EUVD-2021-13998
Malware in sbrugna...
CVE-2025-59815
CVE-2025-59815 affects Zenitel ICX500 and ICX510 Gateway. The connected sources confirm an authenticated remote code execution in the Billing Administration portal, enabling arbitrary commands with shell access on the underlying system. The impact is device unavailability, and compromised confide...
CVE-2025-59815 Authenticated Remote Code Execution in the Billing Administration portal
This vulnerability allows malicious actors to execute arbitrary commands on the underlying system of the Zenitel ICX500 and ICX510 Gateway, granting shell access. Exploitation can compromise the device’s availability, confidentiality, and integrity...
CVE-2023-22984
A Vulnerability was discovered in Axis 207W network camera. There is a reflected XSS vulnerability in the web administration portal, which allows an attacker to execute arbitrary JavaScript via URL...
CVE-2013-3072
An Authentication Bypass vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34 in http:///apply.cgi?/hddusrsetup.htm that when visited by any user, authenticated or not, causes the router to no longer require a password to access the web administration portal...
CVE-2017-15885
Reflected XSS in the web administration portal on the Axis 2100 Network Camera 2.03 allows an attacker to execute arbitrary JavaScript via the confLayoutOwnTitle parameter to view/view.shtml. NOTE: this might overlap CVE-2007-5214...
CVE-2024-0204
Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal...
VulnCheck KEV: CVE-2024-0204
Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal...
CVE-2024-0204
Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal...
Authentication flaw
Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal...
The vulnerability of the web interface of the administration and service portal of Atos Unify OpenScape Common Management Platform allows a perpetrator to bypass security restrictions and execute arbitrary codes.
The vulnerability of the web interface of the Atos Unify OpenScape Common Management Platform’s administration and service portal is related to an incorrect restriction on the path to the catalog. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and execute...
The vulnerability of the administration portal of Cisco Identity Services Engine (ISE) allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Cisco Identity Services Engine ISE administration portal is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...
AXIS 207W Network Camera XSS Vulnerability (Feb 2023)
AXIS 207W network camera devices are prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2023-22984
A Vulnerability was discovered in Axis 207W network camera. There is a reflected XSS vulnerability in the web administration portal, which allows an attacker to execute arbitrary JavaScript via URL...
CVE-2023-22984
A Vulnerability was discovered in Axis 207W network camera. There is a reflected XSS vulnerability in the web administration portal, which allows an attacker to execute arbitrary JavaScript via URL...
Cross site scripting
UNSUPPORTED WHEN ASSIGNED A Vulnerability was discovered in Axis 207W network camera. There is a reflected XSS vulnerability in the web administration portal, which allows an attacker to execute arbitrary JavaScript via URL...
CVE-2023-22984
A Vulnerability was discovered in Axis 207W network camera. There is a reflected XSS vulnerability in the web administration portal, which allows an attacker to execute arbitrary JavaScript via URL...
Celartem Extensis Portfolio 代码问题漏洞
Celartem Extensis Portfolio is a digital asset management solution from Celartem Japan. A code issue vulnerability exists in Celartem Extensis Portfolio versions 3.0.0 through 3.6.3, which stems from insufficient file validation when uploading files in the administration portal. A remote user can...
Moderate: Red Hat Security Advisory: RHV-M (ovirt-engine) 4.4.z security, bug fix, enhancement upd[ovirt-4.4.4] 0-day
Updated ovirt-engine packages that fix several bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...