2125 matches found
CVE-2022-34672
NVIDIA Control Panel for Windows contains a vulnerability where an unauthorized user or an unprivileged regular user can compromise the security of the software by gaining privileges, reading sensitive information, or executing commands...
CVE-2022-47648
An Improper Access Control vulnerability allows an attacker to access the control panel of the B420 without requiring any sort of authorization or authentication due to the IP based authorization. If an authorized user has accessed a publicly available B420 product using valid credentials, an...
CVE-2022-2636
Improper Control of Generation of Code 'Code Injection' in GitHub repository hestiacp/hestiacp prior to 1.6.6...
CVE-2024-45799
FluxCP is a web-based Control Panel for rAthena servers written in PHP. A javascript injection is possible via venders/buyers list pages and shop names, that are currently not sanitized. This allows executing arbitrary javascript code on the user's browser just by visiting the shop pages. As a...
PT-2025-1547 · Unknown · Luckywp Scripts Control
Name of the Vulnerable Software and Affected Versions: LuckyWP Scripts Control versions 1.2.1 and earlier Description: The issue is related to a Missing Authorization vulnerability in LuckyWP Scripts Control, which allows exploiting incorrectly configured access control security levels...
KLA77600 SUI vulnerability in Microsoft Dynamics
Security UI vulnerability was found in Microsoft Dynamics. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2024-49053 Related products Microsoft-Dynamics-365 CVE list CVE-2024-49053 high Solution Install necessary updates from the KB section, that a...
KLA77110 PE vulnerability in Microsoft Apps
An elevation of privilege vulnerability was found in Microsoft Apps. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2024-49051 CVE list CVE-2024-49051 high Solution Install necessary updates from the KB section, that are listed in your Windows Update...
Acronis Backup plugin for cPanel & WHM (Linux) 安全漏洞
Acronis Backup plugin for cPanel & WHM Linux is a plugin from Acronis Switzerland. A security vulnerability exists in Acronis Backup plugin for cPanel & WHM Linux versions prior to 818, which stems from improper handling of symbolic links, resulting in the disclosure of sensitive information duri...
New Android Banking Malware 'ToxicPanda' Targets Users with Fraudulent Money Transfers
Over 1,500 Android devices have been infected by a new strain of Android banking malware called ToxicPanda that allows threat actors to conduct fraudulent banking transactions. "ToxicPanda's main goal is to initiate money transfers from compromised devices via account takeover ATO using a...
Synology DiskStation Manager Improper Neutralization of Input During Web Page Generation (CVE-2018-13293)
Cross-site scripting XSS vulnerability in Control Panel SSO Settings in Synology DiskStation Manager DSM before 6.2.1-23824 allows remote authenticated users to inject arbitrary web script or HTML via the URL parameter. This plugin only works with Tenable.ot. Please visit...
The vulnerability of the Webmin control panel for hosting services, related to a loop with an unreachable exit condition, allows attackers to cause a service failure.
The vulnerability of the Webmin control panel involves a cycle with an unreachable exit condition. Exploiting this vulnerability allows a malicious actor to cause service failures...
Eliz Panel SQL注入漏洞
Eliz Panel is a control panel from Eliz Corporation. A SQL injection vulnerability exists in Eliz Panel versions prior to 2.3.24, which arises from an improper neutralization of a particular element used, allowing commands to be executed via SQL injection...
The vulnerability of the web servers of the microprogramming software for communication modules of SIMATIC CP, SIPLUS ET, and SIPLUS NET CP allows a perpetrator to cause service failures.
The vulnerability of the web servers of the microprogramming software for communication modules of SIMATIC CP, SIPLUS ET, and SIPLUS NET CP is related to the distribution of resources without any restrictions or regulations. Exploiting this vulnerability could allow a malicious actor to cause...
The vulnerability of the Webmin control panel for hosting services stems from incorrect permissions and privileges, allowing attackers to circumvent existing security restrictions.
The vulnerability of the Webmin control panel involves incorrect permissions and privileges. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions remotely...
ROS-20240917-06
A glitch in the sessionlogin.cgi script of the Webmin hosting control panel and web interface for unix-like systems Usermin exists due to failure to take measures to protect the structure of the web page. Exploitation of the vulnerability could allow an attacker acting remotely to conduct a...
CVE-2024-45799
FluxCP is a web-based Control Panel for rAthena servers written in PHP. A javascript injection is possible via venders/buyers list pages and shop names, that are currently not sanitized. This allows executing arbitrary javascript code on the user's browser just by visiting the shop pages. As a...
CVE-2024-45799 Javascript Injection in Vending Info/Buyers Info Module in FluxCP
FluxCP is a web-based Control Panel for rAthena servers written in PHP. A javascript injection is possible via venders/buyers list pages and shop names, that are currently not sanitized. This allows executing arbitrary javascript code on the user's browser just by visiting the shop pages. As a...
ROS-20240916-01
A vulnerability in the Webmin hosting control panel is related to incorrect permissions and privileges. Exploitation of the vulnerability could allow an attacker acting remotely to bypass implemented security restrictions. security...
CVE-2020-24061
Cross Site Scripting XSS Vulnerability in Firewall menu in Control Panel in KASDA KW5515 version 4.3.1.0, allows attackers to execute arbitrary code and steal cookies via a crafted script...
CVE-2020-24061
Cross Site Scripting XSS Vulnerability in Firewall menu in Control Panel in KASDA KW5515 version 4.3.1.0, allows attackers to execute arbitrary code and steal cookies via a crafted script...