CVE-2023-4544

A vulnerability was found in Byzoro Smart S85F Management Platform up to 20230809. It has been rated as problematic. This issue affects some unknown processing of the file /config/php.ini. The manipulation leads to direct request. The attack may be initiated remotely. The exploit has been disclos...

CVE-2023-4544 Byzoro Smart S85F Management Platform php.ini direct request

A vulnerability was found in Byzoro Smart S85F Management Platform up to 20230809. It has been rated as problematic. This issue affects some unknown processing of the file /config/php.ini. The manipulation leads to direct request. The attack may be initiated remotely. The exploit has been disclos...

CVE-2023-4544 Byzoro Smart S85F Management Platform php.ini direct request

A vulnerability was found in Byzoro Smart S85F Management Platform up to 20230809. It has been rated as problematic. This issue affects some unknown processing of the file /config/php.ini. The manipulation leads to direct request. The attack may be initiated remotely. The exploit has been disclos...

CVE-2023-3792

A vulnerability was found in Beijing Netcon NS-ASG 6.3. It has been classified as problematic. This affects an unknown part of the file /admin/teststatus.php. The manipulation leads to direct request. The exploit has been disclosed to the public and may be used. The associated identifier of this...

Design/Logic Flaw

A vulnerability was found in Beijing Netcon NS-ASG 6.3. It has been classified as problematic. This affects an unknown part of the file /admin/teststatus.php. The manipulation leads to direct request. The exploit has been disclosed to the public and may be used. The associated identifier of this...

CVE-2023-3792

CVE-2023-3792 affects Beijing Netcon NS-ASG 6.3. The vulnerability is in an unknown part of the file /admin/test_status.php, where manipulation leads to a direct request. The exploit has been disclosed publicly, but the provided documents do not specify the exact vector, affected versions beyond ...

CVE-2023-2524

A vulnerability classified as critical has been found in Control iD RHiD 23.3.19.0. This affects an unknown part of the file /v2//. The manipulation leads to direct request. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-228015. NOTE: The...

Authentication flaw

A vulnerability classified as critical has been found in Control iD RHiD 23.3.19.0. This affects an unknown part of the file /v2//. The manipulation leads to direct request. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-228015. NOTE: The...

CVE-2023-2524 Control iD RHiD direct request

A vulnerability classified as critical has been found in Control iD RHiD 23.3.19.0. This affects an unknown part of the file /v2//. The manipulation leads to direct request. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-228015. NOTE: The...

CVE-2023-2524 Control iD RHiD direct request

A vulnerability classified as critical has been found in Control iD RHiD 23.3.19.0. This affects an unknown part of the file /v2//. The manipulation leads to direct request. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-228015. NOTE: The...

CVE-2023-1682 Xunrui CMS Install.txt direct request

A vulnerability has been found in Xunrui CMS 4.61 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /dayrui/My/Config/Install.txt. The manipulation leads to direct request. The attack can be launched remotely. The exploit has been disclosed to t...

CVE-2019-13988

Sierra Wireless MGOS before 3.15.2 and 4.x before 4.3 allows attackers to read log files via a Direct Request aka Forced Browsing...

CVE-2019-13988

Sierra Wireless MGOS before 3.15.2 and 4.x before 4.3 allows attackers to read log files via a Direct Request aka Forced Browsing...

Design/Logic Flaw

Sierra Wireless MGOS before 3.15.2 and 4.x before 4.3 allows attackers to read log files via a Direct Request aka Forced Browsing...

Sierra Wireless MGOS 安全漏洞

Sierra Wireless MGOS is a wireless communication device from Sierra Wireless Canada. A security vulnerability exists in Sierra Wireless MGOS versions prior to 3.15.2 and versions prior to 4.x through 4.3, which stems from a vulnerability that allows an attacker to read log files via Direct Reques...

CVE-2019-13988

Sierra Wireless MGOS before 3.15.2 and 4.x before 4.3 allows attackers to read log files via a Direct Request aka Forced Browsing...

CVE-2019-13988

Sierra Wireless MGOS before 3.15.2 and 4.x before 4.3 allows attackers to read log files via a Direct Request aka Forced Browsing...

CVE-2019-13988

Summary of CVE-2019-13988 : Sierra Wireless MGOS is affected. Versions before 3.15.2, and 4.x before 4.3, allow attackers to read log files via a Direct Request (also known as Forced Browsing). The underlying issue enables unauthorized access to log data without authentication, as described acros...

HTML Purifier allows remote attackers to obtain sensitive information

HTML Purifier 4.2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tests/PHPT/Reporter/SimpleTest.php and certain other files...

GHSA-JW86-5CJF-MV79 HTML Purifier allows remote attackers to obtain sensitive information

HTML Purifier 4.2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tests/PHPT/Reporter/SimpleTest.php and certain other files...