Lucene search
K

130 matches found

Cvelist
Cvelist
added 2024/08/26 12:0 a.m.28 views

CVE-2024-28077

A denial-of-service issue was discovered on certain GL-iNet devices. Some websites can detect devices exposed to the external network through DDNS, and consequently obtain the IP addresses and ports of devices that are exposed. By using special usernames and special characters such as half...

0.00431EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/26 12:0 a.m.12 views

CVE-2024-28077

A denial-of-service issue was discovered on certain GL-iNet devices. Some websites can detect devices exposed to the external network through DDNS, and consequently obtain the IP addresses and ports of devices that are exposed. By using special usernames and special characters such as half...

7AI score0.00431EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/04/22 12:0 a.m.25 views

CVE-2024-32238

H3C ER8300G2-X is vulnerable to Incorrect Access Control. The password for the router's management system can be accessed via the management system page login interface...

7.1AI score0.53229EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2024/04/11 12:0 a.m.4 views

VulnCheck KEV: CVE-2023-5830

A vulnerability classified as critical has been found in ColumbiaSoft Document Locator. This affects an unknown part of the file /api/authentication/login of the component WebTools. The manipulation of the argument Server leads to improper authentication. It is possible to initiate the attack...

9.8CVSS6.9AI score0.61043EPSS
Exploits0References1
NVD
NVD
added 2023/12/10 4:15 p.m.26 views

CVE-2023-6655

A vulnerability, which was classified as critical, has been found in Hongjing e-HR 2020. Affected by this issue is some unknown functionality of the file /wselfservice/oauthservlet/%2e./.%2e/general/inform/org/loadhistroyorgtree of the component Login Interface. The manipulation of the argument...

9.8CVSS0.03766EPSS
Exploits1References3
Prion
Prion
added 2023/12/10 4:15 p.m.21 views

Sql injection

A vulnerability, which was classified as critical, has been found in Hongjing e-HR 2020. Affected by this issue is some unknown functionality of the file /wselfservice/oauthservlet/%2e./.%2e/general/inform/org/loadhistroyorgtree of the component Login Interface. The manipulation of the argument...

7.5CVSS7.6AI score0.03766EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/12/10 3:31 p.m.7 views

CVE-2023-6655 Hongjing e-HR Login Interface loadhistroyorgtree sql injection

A vulnerability, which was classified as critical, has been found in Hongjing e-HR 2020. Affected by this issue is some unknown functionality of the file /wselfservice/oauthservlet/%2e./.%2e/general/inform/org/loadhistroyorgtree of the component Login Interface. The manipulation of the argument...

7.5CVSS7.3AI score0.03766EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/12/10 3:31 p.m.32 views

CVE-2023-6655 Hongjing e-HR Login Interface loadhistroyorgtree sql injection

A vulnerability, which was classified as critical, has been found in Hongjing e-HR 2020. Affected by this issue is some unknown functionality of the file /wselfservice/oauthservlet/%2e./.%2e/general/inform/org/loadhistroyorgtree of the component Login Interface. The manipulation of the argument...

7.5CVSS9.9AI score0.03766EPSS
Exploits1References3
CVE
CVE
added 2023/12/10 3:31 p.m.62 views

CVE-2023-6655

CVE-2023-6655 affects Hongjing e-HR 2020. The vulnerability resides in the Login Interface, specifically the file path …/loadhistroyorgtree, where manipulating the parameter parentid leads to a SQL injection . The issue is described as exploitable remotely and publicly disclosed (VDB-247358). Som...

9.8CVSS8.8AI score0.03766EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2023/10/27 12:0 a.m.8 views

ColumbiaSoft Document Locator Security Vulnerability

ColumbiaSoft Document Locator is a document management system from ColumbiaSoft. A security vulnerability exists in ColumbiaSoft Document Locator versions prior to 7.2 SP4, which stems from the parameter Server in file/api/authentication/login can lead to incorrect authentication...

9.8CVSS6.7AI score0.61043EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/10/09 12:0 a.m.4 views

HANSUNCMS SQL Injection Vulnerability

HANSUNCMS is a website builder system from China HANSUN Technology HANSUN Company. HANSUNCMS v1.0 version of the existence of security vulnerabilities, the vulnerability stems from the component / ajax / ajaxlogin.ashx found to contain SQL injection vulnerability...

9.8CVSS7.9AI score0.00518EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/08/18 12:0 a.m.8 views

Ruijie Networks RG-EW1200G 授权问题漏洞

The Ruijie Networks RG-EW1200G is a wireless router from Ruijie Networks China. An authorization issue vulnerability exists in the Ruijie Networks RG-EW1200G, which stems from improper authentication in file/api/sys/login...

8.8CVSS7.5AI score0.56147EPSS
Exploits5References4
ATTACKERKB
ATTACKERKB
added 2022/03/22 9:15 p.m.3 views

CVE-2022-26189

TOTOLINK N600R V4.3.0cu.7570B20200620 was discovered to contain a command injection vulnerability via the langType parameter in the login interface...

9.8CVSS5.9AI score0.03458EPSS
Exploits1References2
OSV
OSV
added 2022/03/22 9:15 p.m.3 views

CVE-2022-26189

TOTOLINK N600R V4.3.0cu.7570B20200620 was discovered to contain a command injection vulnerability via the langType parameter in the login interface...

9.8CVSS7.3AI score
Exploits0References1
Prion
Prion
added 2022/03/22 9:15 p.m.19 views

Command injection

TOTOLINK N600R V4.3.0cu.7570B20200620 was discovered to contain a command injection vulnerability via the langType parameter in the login interface...

7.5CVSS9.7AI score0.03458EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2022/01/10 12:0 a.m.6 views

Solarwinds Serv-U Web Client 输入验证错误漏洞

The Solarwinds Serv-U Web Client is an HTTP-based file transfer client from SolarWinds USA that is available to all users on licensed Serv-U file servers. An input validation error vulnerability exists in the Solarwinds Serv-U Web Client that stems from the Serv-U web login interface allowing...

5.3CVSS7.6AI score0.03359EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/09/23 12:0 a.m.5 views

Openvpn OpenVPN 跨站脚本漏洞

Openvpn OpenVPN is a software package from OpenVPN Openvpn Inc. that creates encrypted virtual private network VPN tunnels that use the OpenSSL library to encrypt data and control information and allow the created VPN to be authenticated using a public key, an electronic certificate, or a...

6.1CVSS6AI score0.00722EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/08/05 12:0 a.m.5 views

Vmware Workspace One 信息泄露漏洞

Vmware Vmware Workspace One is a platform for supporting cross-device applications for rapid delivery and management of applications from Vmware, USA. The platform, which includes VMware Horizon and VMware Horizon Cloud, integrates access control, application management, and multi-platform endpoi...

7.5CVSS7.5AI score0.00994EPSS
Exploits0References4
CNVD
CNVD
added 2020/01/09 12:0 a.m.1 views

Logic Flaw Vulnerability in the Backend Management Login Interface of Angel School Training Website System

Angel school training website system is an open source website management system. Angel school training website system back-end management login interface has a logic flaw vulnerability that can be exploited by an attacker to violently break the administrator's password...

6.9AI score
Exploits0
CNVD
CNVD
added 2019/07/13 12:0 a.m.1 views

SQL Injection Vulnerability in the Login Interface of BodaTech Enterprise Website Management System

Liaocheng Boda Network Technology Co., Ltd. is mainly engaged in developing commercial websites. SQL injection vulnerability exists in the login interface of Boda's enterprise website management system, which can be exploited by attackers to obtain database information...

8AI score
Exploits0
Rows per page
Query Builder