4670 matches found
CVE-2026-14609
A vulnerability was detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This issue affects some unknown processing. The manipulation results in session fixiation. The attack can be executed remotely. The attack requires a high level of complexity. The...
CVE-2026-14608
A security vulnerability has been detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This vulnerability affects unknown code of the file /index.php?action=viewstudent of the component POST Handler. The manipulation of the argument ID leads to authorization...
CVE-2026-14609 SourceCodester CET Automated Grading System with AI Predictive Analytics session fixiation
A vulnerability was detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This issue affects some unknown processing. The manipulation results in session fixiation. The attack can be executed remotely. The attack requires a high level of complexity. The...
EUVD-2026-41611
A vulnerability was detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This issue affects some unknown processing. The manipulation results in session fixiation. The attack can be executed remotely. The attack requires a high level of complexity. The...
CVE-2026-14609
Technical details about CVE-2026-14609 are not publicly available in the provided documents. Monitor for updates from official advisories and vendor advisories for affected components and remediation steps.
EUVD-2026-41565
A security vulnerability has been detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This vulnerability affects unknown code of the file /index.php?action=viewstudent of the component POST Handler. The manipulation of the argument ID leads to authorization...
CVE-2026-54844
Unauthenticated Broken Access Control in CheckView Automated Testing = 2.1.0 versions...
CVE-2026-54844
The CVE-2026-54844 entry concerns WordPress CheckView Automated Testing plugin (versions
CVE-2026-54844 WordPress CheckView Automated Testing plugin <= 2.1.0 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in CheckView Automated Testing = 2.1.0 versions...
EUVD-2026-39371
Unauthenticated Broken Access Control in CheckView Automated Testing = 2.1.0 versions...
PT-2026-52421
Name of the Vulnerable Software and Affected Versions CheckView Automated Testing versions prior to 2.1.1 Description An unauthenticated broken access control issue exists, allowing unauthorized users to bypass security restrictions. Recommendations Update CheckView Automated Testing to version...
Automated Logic WebCTRL Incorrect Authorization (CVE-2024-5539)
CWE-863 Incorrect Authorization vulnerability exists in Automated Logic WebCTRL and Carrier i-Vu Building Automation System products. The system fails to perform adequate authorization checks, allowing an actor to perform actions or access resources without proper entitlement, leading to...
Automated Logic WebCTRL Improper Validation of Array Index (CVE-2025-0657)
CWE-129 Improper Validation of Array Index vulnerability exists in Automated Logic WebCTRL and Carrier i-Vu Building Automation System products. Software uses an array index that has not been properly validated to ensure it falls within valid array bounds. This can result in out-of-bounds access,...
Automated Logic WebCTRL Premium Server Improper Neutralization of Input During Web Page Generation (CVE-2024-8528)
CWE-79 Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists in Automated Logic WebCTRL and Carrier i-Vu Building Automation System products. User input is not properly sanitized, allowing injection of malicious scripts into web pages viewed by...
Automated Logic WebCTRL Premium Server URL Redirection to Untrusted Site (CVE-2024-8527)
CWE-601 URL Redirection to Untrusted Site 'Open Redirect' vulnerability exists in Automated Logic WebCTRL and Carrier i-Vu Building Automation System products. The application accepts a user-supplied URL and redirects without proper validation, allowing attackers to exploit user sessions through ...
Vertiv Liebert SiteScan Improper Validation of Array Index (CVE-2025-0657)
CWE-129 Improper Validation of Array Index vulnerability exists in Automated Logic WebCTRL and Carrier i-Vu Building Automation System products. Software uses an array index that has not been properly validated to ensure it falls within valid array bounds. This can result in out-of-bounds access,...
Vertiv Liebert SiteScan Incorrect Authorization (CVE-2024-5539)
CWE-863 Incorrect Authorization vulnerability exists in Automated Logic WebCTRL and Carrier i-Vu Building Automation System products. The system fails to perform adequate authorization checks, allowing an actor to perform actions or access resources without proper entitlement, leading to...
Carrier Corporation i-VU Incorrect Authorization (CVE-2024-5539)
CWE-863 Incorrect Authorization vulnerability exists in Automated Logic WebCTRL and Carrier i-Vu Building Automation System products. The system fails to perform adequate authorization checks, allowing an actor to perform actions or access resources without proper entitlement, leading to...
WordPress CheckView Automated Testing plugin <= 2.1.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by sequenceX0 in WordPress Plugin CheckView Automated Testing versions = 2.1.0...
[Eclipse Theia] Arbitrary Command Execution via Untrusted Workspace Task Definitions
In Eclipse Theia versions prior to 1.69.0, custom task definitions in workspace files e.g. .theia/tasks.json, .vscode/tasks.json could be executed without requiring workspace trust. An attacker could craft a malicious repository that, when cloned and opened in Theia, leads to execution of arbitra...