VulnCheck KEV: CVE-2023-3306

A vulnerability was found in Ruijie RG-EW1200G EW3.01B11P204. It has been declared as critical. This vulnerability affects unknown code of the file app.09df2a9e44ab48766f5f.js of the component Admin Password Handler. The manipulation leads to improper access controls. The attack can be...

CVE-2024-3690

A vulnerability classified as critical was found in PHPGurukul Small CRM 3.0. Affected by this vulnerability is an unknown functionality of the component Change Password Handler. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the...

CVE-2024-3690

CVE-2024-3690 affects PHPGurukul Small CRM 3.0, specifically the Change Password Handler. A SQL injection vulnerability arises from unsafely handled SQL in that component, allowing remote exploitation with public disclosure. Multiple connected sources corroborate the issue; no official patch/vers...

CVE-2024-3690 PHPGurukul Small CRM Change Password sql injection

A vulnerability classified as critical was found in PHPGurukul Small CRM 3.0. Affected by this vulnerability is an unknown functionality of the component Change Password Handler. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the...

PHPGurukul Small CRM SQL注入漏洞

Small CRM is a customer relationship management system. A SQL injection vulnerability exists in Small CRM, which stems from a lack of validation of externally-entered SQL statements in the change password handler. An attacker can exploit this vulnerability to execute illegal SQL commands to steal...

PT-2024-27195 · Unknown · Phpgurukul Small Crm

Name of the Vulnerable Software and Affected Versions: PHPGurukul Small CRM version 3.0 Description: A critical issue was found in the Change Password Handler component, which can be exploited to lead to sql injection. This issue can be launched remotely. Recommendations: For PHPGurukul Small CRM...

CVE-2024-2641 Ruijie RG-NBS2009G-P Password passwdManage.htm improper authorization

A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been classified as critical. Affected is an unknown function of the file /system/passwdManage.htm of the component Password Handler. The manipulation leads to improper authorization. It is possible to launch the attack...

Ruijie Networks RG-NBS2009G-P Authorization Issues Vulnerability

Ruijie Networks RG-NBS2009G-P is a network security product from China's Ruijie Networks that is commonly used as an enterprise-class network border firewall. The Ruijie Networks RG-NBS2009G-P suffers from an authorization issue vulnerability that stems from the inclusion of an unknown function i...

VulnCheck KEV: CVE-2023-4169

A vulnerability was found in Ruijie RG-EW1200G 1.01B1P5. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /api/sys/setpasswd of the component Administrator Password Handler. The manipulation leads to improper access controls. The attack...

CVE-2023-5296

A vulnerability was found in Xinhu RockOA 1.1/2.3.2/15.X3amdi and classified as problematic. Affected by this issue is some unknown functionality of the file api.php?m=reimplat&a=index of the component Password Handler. The manipulation leads to weak password recovery. The attack may be launched...

CVE-2023-5296

A vulnerability was found in Xinhu RockOA 1.1/2.3.2/15.X3amdi and classified as problematic. Affected by this issue is some unknown functionality of the file api.php?m=reimplat&a=index of the component Password Handler. The manipulation leads to weak password recovery. The attack may be launched...

Design/Logic Flaw

A vulnerability was found in Xinhu RockOA 1.1/2.3.2/15.X3amdi and classified as problematic. Affected by this issue is some unknown functionality of the file api.php?m=reimplat&a=index of the component Password Handler. The manipulation leads to weak password recovery. The attack may be launched...

PT-2023-32017 · Xinhu · Xinhu Rockoa

Name of the Vulnerable Software and Affected Versions: Xinhu RockOA versions 1.1 through 2.3.2 Xinhu RockOA version 15.X3amdi Description: A vulnerability was found in the Password Handler component of Xinhu RockOA, affecting some unknown functionality of the file api.php?m=reimplat&a=index. This...

CVE-2023-4183

A vulnerability has been found in SourceCodester Inventory Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file editupdate.php of the component Password Handler. The manipulation of the argument userid leads to improper access controls. The atta...

CVE-2023-4183

A vulnerability has been found in SourceCodester Inventory Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file editupdate.php of the component Password Handler. The manipulation of the argument userid leads to improper access controls. The atta...

CVE-2023-4183 SourceCodester Inventory Management System Password edit_update.php access control

A vulnerability has been found in SourceCodester Inventory Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file editupdate.php of the component Password Handler. The manipulation of the argument userid leads to improper access controls. The atta...

Inventory Management System Access Control Error Vulnerability

Inventory Management System is an inventory management system by the individual developers of stemword. An Access Control Error vulnerability exists in the SourceCodester Inventory Management System version 1.0 due to incorrect access control of the userid parameter on the editupdate.php page via...

CVE-2023-4169

A vulnerability was found in Ruijie RG-EW1200G 1.01B1P5. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /api/sys/setpasswd of the component Administrator Password Handler. The manipulation leads to improper access controls. The attack can ...

CVE-2023-4169 Ruijie RG-EW1200G Administrator Password set_passwd access control

A vulnerability was found in Ruijie RG-EW1200G 1.01B1P5. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /api/sys/setpasswd of the component Administrator Password Handler. The manipulation leads to improper access controls. The attack can ...

PT-2023-28048 · Ruijie · Ruijie Rg-Ew1200G

Name of the Vulnerable Software and Affected Versions: Ruijie RG-EW1200G version 1.01B1P5 Description: A critical issue has been found in the Administrator Password Handler component, specifically affecting an unknown functionality of the file "/api/sys/set passwd". This leads to improper access...