12 matches found
The vulnerability of the Apex-VUZ education automation system, related to insufficient access control, allows a perpetrator to download photos of profiles of all used accounts.
The vulnerability of the Apex-VUZ education automation system’s web interface is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to download photos of profiles of all user accounts by sending a specially crafted request...
The vulnerability of the password restoration mechanism of the Apex-VUZ system allows a hacker to obtain the email address associated with the restored password.
The vulnerability of the password restoration mechanism of the Apex-VUZ educational automation system is related to the disclosure of information. Exploiting this vulnerability could allow a malicious actor, operating remotely, to obtain the email address associated with the recoverable password...
The vulnerability of the component responsible for creating new account records in the Apex-VUZ education automation system allows a perpetrator to cause service interruptions.
The vulnerability of the component responsible for creating new account records in the Apex-VUZ automation system is related to improper control of the interaction frequency. Exploiting this vulnerability allows a malicious actor to trigger a service failure by sending specially crafted POST...
The vulnerability of the Apex-VUZ education automation system, related to the use of strictly encrypted user data, allows a perpetrator to gain full access to the software environment.
The vulnerability of the Apex-VUZ education automation system is related to the use of strictly encrypted user data. Exploiting this vulnerability could allow a malicious actor to gain full access to the software environment...
The vulnerability of the password reset mechanism of the Automation Education System Apex-VUZ allows a hacker to obtain the user’s password.
The vulnerability of the user password reset mechanism in the Apex-VUZ automation system is related to the use of the SHA-1 encryption algorithm, which lacks sufficient robustness. Exploiting this vulnerability could allow an attacker operating remotely to obtain the user’s password...
The vulnerability of the LoginForm and RegisterForm data transmission forms in the Apex-VUZ automation system allows a perpetrator to gain access to user account information.
The vulnerability of the LoginForm and RegisterForm data transmission forms in the Apex-VUZ automation system is related to the transmission of data in an open manner. Exploiting this vulnerability can allow a malicious actor to gain access to user credentials...
The vulnerability of the message exchange component of the system for loading user files in the Apex-VUZ education automation system allows a perpetrator to upload any files onto the server.
The vulnerability of the message exchange component of the system for loading user files in the Apex-VUZ education automation system is related to the unlimited loading of malicious files. Exploiting this vulnerability allows a remote attacker to load malicious files onto the server...
The vulnerability of the Apex-VUZ education automation system’s web interface allows a perpetrator to gain access to information about the profiles of all user accounts used.
The vulnerability of the Apex-VUZ education automation system’s web interface is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain access to information about all user accounts by sending a specially crafted request...
The vulnerability of the log files of user operations in the Apex-VUZ automation system allows a perpetrator to gain access to authentication information.
The vulnerability of the logs of user operations in the Apex-VUZ automation system is related to the storage of passwords in an open format. Exploiting this vulnerability can allow a malicious actor to gain access to authentication information...
PT-2022-6300 · Апекс-Вуз · Апекс-Вуз
Name of the Vulnerable Software and Affected Versions: Апекс-ВУЗ affected versions not specified Description: The issue is related to the transmission of data in open form through the LoginForm and RegisterForm in the Апекс-ВУЗ education automation system. This could allow a remote attacker to ga...
PT-2022-6301 · Unknown · Apex-Vuz Automation System
Name of the Vulnerable Software and Affected Versions: Apex-VUZ automation system affected versions not specified Description: The issue is related to the component responsible for creating new accounts in the Apex-VUZ automation system. It is associated with inadequate control over interaction...
PT-2022-6295 · Unknown · Apex-Vuz Automation System
Name of the Vulnerable Software and Affected Versions: Apex-VUZ automation system affected versions not specified Description: The issue is related to the messaging component of the custom file upload module in the Apex-VUZ automation system. It involves the unrestricted upload of dangerous file...