16 matches found
EUVD-2025-31158
Malicious code in bioql PyPI...
EUVD-2025-31160
Malicious code in bioql PyPI...
CVE-2025-59814
This vulnerability allows malicious actors to gain unauthorized access to the Zenitel ICX500 and ICX510 Gateway Billing Admin endpoint, enabling them to read the entire contents of the Billing Admin database...
CVE-2025-59816
This vulnerability allows attackers to directly query the underlying database, potentially retrieving all data stored in the Billing Admin database, including user credentials. User passwords are stored in plaintext, significantly increasing the severity of this issue...
Vulnerabilities fixed in Zenitel ICX500 and ICX510 gateway
Zenitel has fixed vulnerabilities in the ICX500 and ICX510 gateway products. The vulnerabilities allow malicious parties to gain unauthorized access to the Billing Admin endpoint and execute arbitrary commands on the device. This can lead to serious compromise of device availability,...
CVE-2025-59816
This vulnerability allows attackers to directly query the underlying database, potentially retrieving all data stored in the Billing Admin database, including user credentials. User passwords are stored in plaintext, significantly increasing the severity of this issue...
CVE-2025-59814
This vulnerability allows malicious actors to gain unauthorized access to the Zenitel ICX500 and ICX510 Gateway Billing Admin endpoint, enabling them to read the entire contents of the Billing Admin database...
CVE-2025-59816 Authenticated Union based SQL-injection in the search input field
This vulnerability allows attackers to directly query the underlying database, potentially retrieving all data stored in the Billing Admin database, including user credentials. User passwords are stored in plaintext, significantly increasing the severity of this issue...
CVE-2025-59816 Authenticated Union based SQL-injection in the search input field
This vulnerability allows attackers to directly query the underlying database, potentially retrieving all data stored in the Billing Admin database, including user credentials. User passwords are stored in plaintext, significantly increasing the severity of this issue...
CVE-2025-59816
CVE-2025-59816 affects Zenitel ICX500/ICX510 Billing Admin endpoint. Affects the Billing Admin component where attackers can query the underlying database directly, potentially retrieving all data including plaintext passwords. Root cause: database query exposure via the Billing Admin interface. ...
CVE-2025-59814
CVE-2025-59814 affects Zenitel ICX500/ICX510 Gateway Billing Admin endpoint, enabling unauthorized access to read the Billing Admin database. Multiple connected sources corroborate a vulnerability in the Billing Admin area, with impact described as reading the entire database contents. The NCSC a...
CVE-2025-59814 Unauthenticated SQL-injection in password field
This vulnerability allows malicious actors to gain unauthorized access to the Zenitel ICX500 and ICX510 Gateway Billing Admin endpoint, enabling them to read the entire contents of the Billing Admin database...
CVE-2025-59814 Unauthenticated SQL-injection in password field
This vulnerability allows malicious actors to gain unauthorized access to the Zenitel ICX500 and ICX510 Gateway Billing Admin endpoint, enabling them to read the entire contents of the Billing Admin database...
PT-2025-39444
Name of the Vulnerable Software and Affected Versions Zenitel ICX500 and ICX510 Gateway affected versions not specified Description The issue allows unauthorized access to the Billing Admin endpoint, potentially enabling malicious actors to read the entire contents of the Billing Admin database...
PT-2025-39446
Name of the Vulnerable Software and Affected Versions Billing Admin affected versions not specified Description This issue enables attackers to directly query the underlying database, potentially retrieving all data stored in the Billing Admin database, including user credentials. User passwords...
Dashlane: Extract Billing admin email address using random team id
Any user can extract and enumerate email address of dashlane members. Steps to reproduce 1 Login to console.dashlane.com Register using https://www.dashlane.com/business/try 2 Click on Manage Users while intercepting request in Burp 3 Look for a request to...