57 matches found
CVE-2025-32982
NETSCOUT nGeniusONE before 6.4.0 b2350 has a Broken Authorization Schema for the report module...
CVE-2025-32982
NETSCOUT nGeniusONE before 6.4.0 b2350 has a Broken Authorization Schema for the report module...
CVE-2025-32982
NETSCOUT nGeniusONE before 6.4.0 b2350 has a Broken Authorization Schema for the report module...
PT-2025-17940 · Netscout · Ngeniusone
Name of the Vulnerable Software and Affected Versions: NETSCOUT nGeniusONE versions prior to 6.4.0 b2350 Description: The issue is related to a Broken Authorization Schema for the report module. This means that there is a flaw in how authorization is handled, potentially allowing unauthorized...
CVE-2025-32982
NETSCOUT nGeniusONE before 6.4.0 b2350 has a Broken Authorization Schema for the report module...
CVE-2025-32982
NETSCOUT nGeniusONE prior to 6.4.0 b2350 is affected by a Broken Authorization Schema in the report module (CVE-2025-32982). The CVE details indicate a high-severity impact (CVSS 3.1: 7.5; Confidentiality impact H, Integrity/Availability none) due to an authorization flaw that could enable unauth...
ChurchCRM v4.5.3 - Authenticated SQL Injection
Exploit Title: ChurchCRM 4.5.3 - Authenticated SQL Injection Date: 27-04-2023 Exploit Author: Iyaad Luqman K Software Link: https://github.com/ChurchCRM/CRM/releases Vendor Homepage: http://churchcrm.io/ Tested Version: 4.5.1 Tested on: Windows, Linux CVE: CVE-2023-24685 ChurchCRM v4.5.3 and belo...
PT-2022-27642 · Hillstone · Hillstone Firewall Sg-6000
Name of the Vulnerable Software and Affected Versions: Hillstone Firewall SG-6000 versions 5.0.4.0 and earlier Description: The issue is related to incorrect access control, allowing an attacker to bypass permissions and gain super administrator privileges in the background of the firewall. This ...
CVE-2022-40772
Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to a validation bypass that allows users to access sensitive data via the report module...
CVE-2022-40772
Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to a validation bypass that allows users to access sensitive data via the report module...
Input validation
Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to a validation bypass that allows users to access sensitive data via the report module...
CVE-2022-40772
Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to a validation bypass that allows users to access sensitive data via the report module...
CVE-2022-40772
Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to a validation bypass that allows users to access sensitive data via the report module...
CVE-2022-40772
CVE-2022-40772 affects Zoho ManageEngine ServiceDesk Plus versions 13010 and earlier. A validation bypass in the report module allows an attacker to access sensitive data. Public details in the initial and linked records confirm the affected product/version and the data exposure via the report mo...
PT-2022-25531 · Zoho · Zoho Manageengine Servicedesk Plus
Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine ServiceDesk Plus versions 13010 and prior Description: The issue is related to a validation bypass that allows users to access sensitive data via the report module. This is due to improper input validation, which can lead to...
CVE-2022-38538
Archery v1.7.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the checksum parameter in the report module...
CVE-2022-38538
Archery v1.7.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the checksum parameter in the report module...
CVE-2022-38538
Archery v1.7.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the checksum parameter in the report module...
Sql injection
Archery v1.7.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the checksum parameter in the report module...
Archery SQL注入漏洞
Archery is a set of open source vulnerability assessment and management tools. A security vulnerability exists in Archery versions v1.7.0 through v1.8.5, which stems from the checksum parameter in the report module containing a SQL injection vulnerability...