
125 matches found

CNNVD
added 2023/10/21 12:00 a.m. · 2 views

WordPress Plugin WC Serial Numbers Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

CVSS 8.8 · AI score 6.5 · EPSS 0.00208
Exploits 0 · References 2
Positive Technologies
added 2023/10/21 12:00 a.m. · 2 views

PT-2023-29830 · Pluginever · Pluginever Wc Serial Numbers

Name of the Vulnerable Software and Affected Versions: PluginEver WC Serial Numbers plugin versions 1.6.3 and earlier
Description: The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended...

CVSS 8.8 · AI score 9.4 · EPSS 0.00208
Exploits 0 · References 5
OSV
added 2023/10/11 12:15 p.m. · 1 views

CVE-2023-44097

Vulnerability of the permission to access device SNs being improperly managed. Successful exploitation of this vulnerability may affect service confidentiality...

CVSS 7.5 · AI score 5.8 · EPSS 0.00352
Exploits 0 · References 2
Positive Technologies
added 2023/10/11 12:00 a.m. · 2 views

PT-2023-29097 · Huawei · Emui +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions.
Description: The issue concerns the improper management of permissions to access device serial numbers (SNs), which could impact service confidentiality upon successfu...

CVSS 7.5 · AI score 7.4 · EPSS 0.00352
Exploits 0 · References 6
OSV
added 2023/05/22 3:15 p.m. · 3 views

CVE-2023-32346

Teltonika’s Remote Management System versions prior to 4.10.0 contain a function that allows users to claim their devices. This function returns information based on whether the serial number of a device has already been claimed, the MAC address of a device has already been claimed, or whether th...

CVSS 5.3 · AI score 6.3 · EPSS 0.00544
Exploits 0 · References 1
NVD
added 2023/05/22 3:15 p.m. · 11 views

CVE-2023-32347

Teltonika’s Remote Management System versions prior to 4.10.0 use device serial numbers and MAC addresses to identify devices from the user perspective for device claiming and from the device perspective for authentication. If an attacker obtained the serial number and MAC address of a device, th...

CVSS 9.8 · AI score 9.2 · EPSS 0.00665
Exploits 0 · References 1
Prion
added 2023/05/22 3:15 p.m. · 21 views

Information disclosure

Teltonika’s Remote Management System versions prior to 4.10.0 contain a function that allows users to claim their devices. This function returns information based on whether the serial number of a device has already been claimed, the MAC address of a device has already been claimed, or whether th...

CVSS 5 · AI score 6.3 · EPSS 0.00544
Exploits 0 · References 1 · Affected Software 1
CNNVD
added 2023/05/12 12:00 a.m. · 3 views

Teltonika Remote Management System Security Vulnerability

Teltonika Remote Management System is a Teltonika remote management system for managing Teltonika products. A security vulnerability exists in Teltonika Remote Management System versions prior to 4.10.0. An attacker exploiting this vulnerability could create a list containing the serial numbers a...

CVSS 5.3 · AI score 6.2 · EPSS 0.00544
Exploits 0 · References 3
Prion
added 2023/04/19 11:15 p.m. · 18 views

Default credentials

The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW. with serial number =2311xxxx all Firmware versions, SICK UE410-EN1 FLEXI ETHERNET GATEW. with serial number =2311xxxx all Firmware versions, SICK UE410-EN3S04 FLEXI ETHERNET GATEW. with serial number =2311xxxx all...

CVSS 7.5 · AI score 9.5 · EPSS 0.00621
Exploits 0 · References 1 · Affected Software 4
Sick AG
added 2023/04/11 10:00 a.m. · 9 views

Use of Telnet in multiple SICK Flexi Soft and Flexi Classic Gateways

Several versions of the SICK Flexi Soft Gateways FX0-GENT, FX0-GMOD, FX0-GPNT and SICK Flexi Classic Gateway UE410 provide a Telnet interface for debugging, which is enabled by factory default. No password is set in the default configuration. If the password is not set by the customer, a remote...

CVSS 9.8 · AI score 7.2 · EPSS 0.00621
Exploits 0
ATTACKERKB
added 2022/09/12 10:15 p.m. · 2 views

CVE-2022-35572

On Linksys E5350 WiFi Router with firmware version 1.0.00.037 and lower, and potentially other vendors/devices due to code reuse, the /SysInfo.htm URI does not require a session ID. This web page calls a showsysinfo function which retrieves WPA passwords, SSIDs, MAC Addresses, serial numbers, WPS...

CVSS 7.5 · AI score 7.3 · EPSS 0.00734
Exploits 1 · References 2
OSV
added 2022/09/12 10:15 p.m. · 4 views

CVE-2022-35572

On Linksys E5350 WiFi Router with firmware version 1.0.00.037 and lower, and potentially other vendors/devices due to code reuse, the /SysInfo.htm URI does not require a session ID. This web page calls a showsysinfo function which retrieves WPA passwords, SSIDs, MAC Addresses, serial numbers, WPS...

CVSS 7.5 · AI score 5.9
Exploits 0 · References 1
AlpineLinux
added 2022/05/20 1:15 p.m. · 33 views

CVE-2022-27242

A vulnerability has been identified in OpenV2G V0.9.4. The OpenV2G EXI parsing feature is missing a length check when parsing X509 serial numbers. Thus, an attacker could introduce a buffer overflow that leads to memory corruption...

AI score 5.4 · EPSS 0.00206
Exploits 0
OSV
added 2022/05/20 1:15 p.m. · 2 views

CVE-2022-27242

A vulnerability has been identified in OpenV2G V0.9.4. The OpenV2G EXI parsing feature is missing a length check when parsing X509 serial numbers. Thus, an attacker could introduce a buffer overflow that leads to memory corruption...

CVSS 5.5 · AI score 6 · EPSS 0.00206
Exploits 0 · References 1
ATTACKERKB
added 2022/05/13 3:15 p.m. · 0 views

CVE-2022-29792

The chip component has a vulnerability of disclosing CPU SNs. Successful exploitation of this vulnerability may affect data confidentiality...

CVSS 7.5 · AI score 7.1 · EPSS 0.0062
Exploits 0 · References 3 · Affected Software 2
OSV
added 2022/05/13 3:15 p.m. · 3 views

CVE-2022-29792

The chip component has a vulnerability of disclosing CPU SNs. Successful exploitation of this vulnerability may affect data confidentiality...

CVSS 7.5 · AI score 5.8
Exploits 0 · References 2
Prion
added 2022/05/13 3:15 p.m. · 16 views

Design/Logic Flaw

The chip component has a vulnerability of disclosing CPU SNs. Successful exploitation of this vulnerability may affect data confidentiality...

CVSS 5 · AI score 7.5 · EPSS 0.0062
Exploits 0 · References 2 · Affected Software 2
Cvelist
added 2022/05/13 3:04 p.m. · 17 views

CVE-2022-29792

The chip component has a vulnerability of disclosing CPU SNs. Successful exploitation of this vulnerability may affect data confidentiality...

AI score 7.7 · EPSS 0.0062
Exploits 0 · References 2
CNNVD
added 2022/04/22 12:00 a.m. · 4 views

Crypt-Server Cross-Site Scripting Vulnerability

Crypt-Server is a Django web application by Graham Gilbert, an individual developer in the United States. It is used to host file library keys sent by the Crypt client application. A security vulnerability exists in Crypt-Server versions prior to 3.3.0, which stems from allowing the use of XSS in...

CVSS 6.1 · AI score 6.2 · EPSS 0.00632
Exploits 0 · References 4
CNNVD
added 2022/03/29 12:00 a.m. · 3 views

Sophos Firewall Information Disclosure Vulnerability

Sophos Firewall is a firewall from Sophos UK. A security vulnerability exists in Sophos Firewall version v18.5 MR2 and earlier, which stems from an information disclosure vulnerability in Webadmin that could allow an unauthenticated, remote attacker to read device serial numbers...

CVSS 5.3 · AI score 5.8 · EPSS 0.01447
Exploits 0 · References 3