1284 matches found
CVE-2024-7753
SourceCodester Clinics Patient Management System 1.0 contains a vulnerability in the /user_images/ path that can be triggered remotely via an unauthorized direct request. The issue affects unknown code in that file, and the exploit has been disclosed publicly. CVSS context in the record indicates...
PT-2024-38561 · Sourcecodester · Sourcecodester Clinics Patient Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Clinics Patient Management System version 1.0 Description: A vulnerability was found in the system, declared as problematic, affecting unknown code of the file /user images/. The manipulation leads to direct request. The attack...
PT-2024-5764 · Vonets · Vonets Wifi Bridge Repeaters +1
Name of the Vulnerable Software and Affected Versions: Vonets industrial wifi bridge relays and wifi bridge repeaters versions 3.3.23.6.9 and prior Description: The issue is related to an improper authentication mechanism in the software, allowing an unauthenticated remote attacker to bypass...
CVE-2024-7153 Netgear WN604 siteSurvey.php direct request
A vulnerability classified as problematic has been found in Netgear WN604 up to 20240719. Affected is an unknown function of the file siteSurvey.php. The manipulation leads to direct request. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be use...
CVE-2024-7153 Netgear WN604 siteSurvey.php direct request
A vulnerability classified as problematic has been found in Netgear WN604 up to 20240719. Affected is an unknown function of the file siteSurvey.php. The manipulation leads to direct request. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be use...
CVE-2024-7080
A vulnerability was found in SourceCodester Insurance Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /E-Insurance/. The manipulation leads to direct request. The attack can be launched remotely. The exploit has be...
CVE-2024-7080 SourceCodester Insurance Management System direct request
A vulnerability was found in SourceCodester Insurance Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /E-Insurance/. The manipulation leads to direct request. The attack can be launched remotely. The exploit has be...
CVE-2024-7080 SourceCodester Insurance Management System direct request
A vulnerability was found in SourceCodester Insurance Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /E-Insurance/. The manipulation leads to direct request. The attack can be launched remotely. The exploit has be...
Parsec Automation TrakSYS Security Vulnerability
Parsec Automation TrakSYS is an MES solution from Parsec Automation, USA. A security vulnerability exists in Parsec Automation TrakSYS version 11.x.x, which stems from the parameter ID of the file TS/export/contentpage leading to a direct request...
CVE-2024-6188 Parsec Automation TrackSYS pagedefinition direct request
A vulnerability was found in Parsec Automation TrackSYS 11.x.x and classified as problematic. This issue affects some unknown processing of the file /TS/export/pagedefinition. The manipulation of the argument ID leads to direct request. The attack may be initiated remotely. The exploit has been...
CVE-2024-6188 Parsec Automation TrackSYS pagedefinition direct request
A vulnerability was found in Parsec Automation TrackSYS 11.x.x and classified as problematic. This issue affects some unknown processing of the file /TS/export/pagedefinition. The manipulation of the argument ID leads to direct request. The attack may be initiated remotely. The exploit has been...
CVE-2024-6188
CVE-2024-6188 affects Parsec Automation TrackSYS 11.x.x. The issue involves processing of the file /TS/export/pagedefinition where manipulation of an argument ID leads to a direct request, allowing a remote attack. Public exploit information is present in the sources and a number of feeds referen...
CVE-2023-45596
A CWE-425 “Direct Request 'Forced Browsing'” vulnerability in the “fileconfiguration” functionality of the web application allows a remote unauthenticated attacker to access confidential configuration files. This issue affects: AiLux imx6 bundle below version imx61.0.7-2...
PT-2024-13262 · Unknown · Ailux Imx6 Bundle
Name of the Vulnerable Software and Affected Versions: AiLux imx6 bundle versions prior to imx6 1.0.7-2 Description: A vulnerability in the "measure" functionality of the web application allows a remote unauthenticated attacker to access confidential measure information. The issue is related to a...
CVE-2023-5786 GeoServer GeoWebCache rest.html direct request
A vulnerability was found in GeoServer GeoWebCache up to 1.15.1. It has been declared as problematic. This vulnerability affects unknown code of the file /geoserver/gwc/rest.html. The manipulation leads to direct request. The attack can be initiated remotely. The exploit has been disclosed to the...
CVE-2023-5786 GeoServer GeoWebCache rest.html direct request
A vulnerability was found in GeoServer GeoWebCache up to 1.15.1. It has been declared as problematic. This vulnerability affects unknown code of the file /geoserver/gwc/rest.html. The manipulation leads to direct request. The attack can be initiated remotely. The exploit has been disclosed to the...
CVE-2023-5702
A vulnerability was found in Viessmann Vitogate 300 up to 2.1.3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /cgi-bin/. The manipulation leads to direct request. The exploit has been disclosed to the public and may be used. The identifier of th...
Design/Logic Flaw
A vulnerability was found in Viessmann Vitogate 300 up to 2.1.3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /cgi-bin/. The manipulation leads to direct request. The exploit has been disclosed to the public and may be used. The identifier of th...
CVE-2023-5702 Viessmann Vitogate 300 direct request
A vulnerability was found in Viessmann Vitogate 300 up to 2.1.3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /cgi-bin/. The manipulation leads to direct request. The exploit has been disclosed to the public and may be used. The identifier of th...
CVE-2023-5702
CVE-2023-5702 affects Viessmann Vitogate 300 up to version 2.1.3.0. A vulnerability in an unspecified function of the /cgi-bin/ path allows a direct request that can be leveraged by an attacker; public exploit/PoC information exists (e.g., exploitation described in exploitDB). Red Hat and ICS adv...