Input validation

An insecure direct object reference IDOR vulnerability exists in Magento 2.3 prior to 2.3.1, 2.2 prior to 2.2.8, and 2.1 prior to 2.1.17 versions. An authenticated user may be able to view personally identifiable shipping details of another user due to insufficient validation of user controlled...

WordPress Zoner Real Estate Theme 4.1.1 Cross Site Scripting

Exploit Title: WordPress Theme Zoner Real Estate - 4.1.1 Persistent Cross-Site Scripting Google Dork: inurl:/wp-content/themes/zoner/ Date: 2019-09-24 Exploit Author: m0ze Vendor Homepage: https://fruitfulcode.com/ Software Link:...

V-SOL GPON/EPON OLT Platform 2.03 Unauthenticated Configuration Download

V-SOL GPON/EPON OLT Platform v2.03 Unauthenticated Configuration Download Vendor: Guangzhou V-SOLUTION Electronic Technology Co., Ltd. Product web page: https://www.vsolcn.com Affected version: V2.03.62RIPv6 V2.03.54R V2.03.52R V2.03.49 V2.03.47 V2.03.40 V2.03.26 V2.03.24 V1.8.6 V1.4 Summary: GPO...

CVE-2019-14724

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to edit an e-mail forwarding destination of a victim's account via an attacker account...

CVE-2019-14725

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to change the e-mail usage value of a victim account via an attacker account...

CVE-2019-14724

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to edit an e-mail forwarding destination of a victim's account via an attacker account...

CVE-2019-14725

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to change the e-mail usage value of a victim account via an attacker account...

Design/Logic Flaw

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to change the e-mail usage value of a victim account via an attacker account...

Design/Logic Flaw

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to edit an e-mail forwarding destination of a victim's account via an attacker account...

CVE-2019-14724

CVE-2019-14724 affects CentOS Web Panel version 0.9.8.851. The vulnerability is an insecure object reference that allows an attacker with an attacker account to edit the victim’s e‑mail forwarding destination. Root cause: improper access control on the object representing the e‑mail forwarding se...

CVE-2019-14724

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to edit an e-mail forwarding destination of a victim's account via an attacker account...

CVE-2019-14725

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to change the e-mail usage value of a victim account via an attacker account...

PT-2019-13805 · Centos · Centos Web Panel

Name of the Vulnerable Software and Affected Versions: CentOS Web Panel version 0.9.8.851 Description: The issue allows an attacker to modify the e-mail usage value of a victim's account using their own account, due to an insecure object reference. Recommendations: For version 0.9.8.851, at the...

CVE-2019-14726

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to access and delete DNS records of a victim's account via an attacker account...

CVE-2019-14728

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to add an e-mail forwarding destination to a victim's account via an attacker account...

CVE-2019-14729

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a sub-domain from a victim's account via an attacker account...

CVE-2019-14726

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to access and delete DNS records of a victim's account via an attacker account...

CVE-2019-14727

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to change the e-mail password of a victim account via an attacker account...

CVE-2019-14727

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to change the e-mail password of a victim account via an attacker account...

CVE-2019-14730

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a domain from a victim's account via an attacker account...