7 matches found
CVE-2025-13315, CVE-2025-13316: Critical Twonky Server Authentication Bypass (NOT FIXED)
Overview Twonky Server version 8.5.2 is susceptible to two vulnerabilities that facilitate administrator authentication bypass on Linux and Windows. An unauthenticated attacker can improperly access a privileged web API endpoint to leak application logs, which contain encrypted administrator...
📄 Ivanti Endpoint Manager Mobile 12.5.0.0 Authentication Bypass
Ivanti Endpoint Manager Mobile version 12.5.0.0 authentication bypass proof of concept exploit. !/usr/bin/env python3 Exploit Title: Ivanti Endpoint Manager Mobile 12.5.0.0 - Authentication Bypass Google Dork: inurl:/mifs "Ivanti" OR "EPM" OR "Endpoint Manager" Date: 2025-01-21 Exploit Author: Yo...
ASUS GT-AC2900 授权问题漏洞
ASUS GT-AC2900 is a router from ASUS China.A security vulnerability exists in versions prior to ASUS GT-AC2900 devices 3.0.0.4.386.42643, which allows the administrator application to allow bypass of authentication when handling remote input from unauthenticated users, which could be exploited by...
Apple macOS High Sierra Security Logic Flaw Vulnerability
Apple macOS High Sierra is a specialized operating system developed by Apple Inc. for Mac computers.Security is one of the security components of the system. A security vulnerability exists in the authentication of credentials in the Security component of Apple macOS High Sierra version 10.13.2. ...
dhtml-menu-builder universal password and XSS cross-site vulnerabilities-vulnerability warning-the black bar safety net
Vulnerability Description: from abroad dhtml-menu-builder Auth bypass and Persistent xss; official website http://dhtml-menu-builder. com/; the system there is a serious background administrator authentication bypass vulnerability, as well asXSScross-site vulnerabilities. Publisher/date:...
Max CMS2. 0beta (maxcms)SQL injection and administrator authentication bypass vulnerability-vulnerability warning-the black bar safety net
This system was internally very popular video-on-demand system, before 1. 5 version vulnerability very much, the 2.0 version in terms of security has improved, but still there are loopholes exist. Look at the code \inc\ajax. asp dim action : action = getForm"action", "get" response. Charset="gbk"...
Back Office Web Administrator Authentication Bypass (#NISR17042002A)
NGSSoftware Insight Security Research Advisory Name: Back Office Web Administration Authentication Bypass Systems Affected: Microsoft's Back Office Web Administrator 4.0, 4.5 Severity: Medium/High Vendor URL: http://www.microsoft.com Author: David Litchfield [email protected] Date: 17th April...