9 matches found
CVE-2026-22205
SPIP versions prior to 4.4.10 contain an authentication bypass vulnerability caused by PHP type juggling that allows unauthenticated attackers to access protected information. Attackers can exploit loose type comparisons in authentication logic to bypass login verification and retrieve sensitive...
EUVD-2025-201921
A vulnerability has been identified in SINEC Security Monitor All versions V4.10.0. The affected application lacks input validation of date parameter in report generation functionality. This could allow an authenticated, lowly privileged attacker to cause denial of service condition of the report...
CVE-2023-26114
Versions of the package code-server before 4.10.1 are vulnerable to Missing Origin Validation in WebSockets handshakes. Exploiting this vulnerability can allow an adversary in specific scenarios to access data from and connect to the code-server instance...
PHOENIX CONTACTs WP 6xxx series web panels Security Vulnerability
PHOENIX CONTACTs WP 6xxx series web panels are a series of web panels from PHOENIX CONTACTs, Germany. A security vulnerability exists in PHOENIX CONTACTs WP 6xxx series web panels prior to version 4.0.10, which can be exploited by an unauthenticated, remote attacker to gain read/write access to t...
CVE-2023-3572
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote, unauthenticated attacker may use an attribute of a specific HTTP POST request releated to date/time operations to gain full access to the device...
Statamic 跨站脚本漏洞
Statamic is a powerful flat file Cms built on Laravel by Statamic, Inc. for storing all content, templates, assets, and settings in files instead of a database. A cross-site scripting vulnerability exists in Statamic versions prior to 4.10.0, which stems from an SVG tag that does not clear...
Teltonika Remote Management System 授权问题漏洞
Teltonika Remote Management System is a Teltonika remote management system for managing Teltonika products. An authorization issue vulnerability exists in Teltonika Remote Management System versions prior to 4.10.0. An attacker could use this vulnerability to execute arbitrary commands as root by...
ALPINE-CVE-2020-8449
An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters...
CVE-2013-5607
Integer overflow in the PLArenaAllocate function in Mozilla Netscape Portable Runtime NSPR before 4.10.2, as used in Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1, and SeaMonkey before 2.22.1, allows remote attackers to cause a denial of service application crash o...