33 matches found
rustfs security vulnerability
RustFS is a high-performance object storage system developed by RustFS. Versions of RustFS prior to 1.0.0-alpha.94 contained security vulnerabilities. These vulnerabilities stemmed from a lack of authorization checks for administrator operations at the event notification target management API...
WordPress plugin Membership Plugin – Restrict Content security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
EUVD-2024-55463
An authentication bypass vulnerability in the authorization mechanism of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to perform Administrative actions using service accounts...
HPE Aruba Networking Private 5G Core security vulnerability
HPE Aruba Networking Private 5G Core is a 5G core solution provided by the American company HPE. There are security vulnerabilities in HPE Aruba Networking Private 5G Core, which stem from an authentication bypass in the application API. This vulnerability may allow the creation of unauthorized...
PT-2026-6586
Name of the Vulnerable Software and Affected Versions: Exagate SYSGuard 6001. Description: The software contains a cross-site request forgery condition that enables attackers to create unauthorized administrator accounts via a specially designed HTML form. Attackers can deceive users into submitting...
Exagate SYSGuard cross-site request forgery vulnerability
Exagate SYSGuard is a solution developed by Exagate for use in data centers, computer or server rooms, or any other locations equipped with IT equipment. The Exagate SYSGuard 6001 version contains a cross-site request forgery vulnerability. This vulnerability stems from cross-site request forger...
Adikiss System Information Announcement System for Online Graduation: Cross-site Request Forgery Vulnerability
Adikiss Sistem Informasi Pengumuman Kelulusan Online is a campus information system developed by Adikiss Corporation. Version 1.0 of Adikiss Sistem Informasi Pengumuman Kelulusan Online contains a cross-site request forgery vulnerability. This vulnerability stems from the tambahuser.php endpoint...
KiloView Encoder Series Access Control Vulnerability
The KiloView Encoder Series is a series of electronic encoders developed by the British company KiloView. The KiloView Encoder Series contains an access control vulnerability; this vulnerability stems from the lack of authentication for critical functions. This allows unauthorized attackers to...
CVE-2025-68434 opensourcepos has Cross-Site Request Forgery vulnerability that leads to Unauthorized Administrator Creation
Open Source Point of Sale (opensourcepos) is a web-based point of sale application written in PHP using the CodeIgniter framework. Starting in version 3.4.0 and prior to version 3.4.2, a Cross-Site Request Forgery (CSRF) vulnerability exists in the application's filter configuration. The CSRF protection...
EUVD-2002-1713
Malware in sbrugna...
EUVD-2025-24570
Malicious code in bioql PyPI...
WordPress plugin Bravis User security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
CVE-2025-52392
CVE-2025-52392 affects Soosyze CMS 2.0. The root cause is missing rate-limiting and account lockout on the /user/login endpoint, enabling brute-force login attempts and potentially unauthorized administrative access. Public sources in connected documents describe a brute-force tool and PoC usage,...
Siemens SINEC NMS access control error vulnerability
Siemens SINEC NMS is a network management system (NMS) from Siemens, Germany, that can be used 24/7 to centrally monitor, manage and configure industrial networks with tens of thousands of devices, including safety-related areas. An access control error vulnerability exists in Siemens SINEC NMS,...
Palo Alto Networks PAN-OS security vulnerability
Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks, Inc. for its firewall appliances. A security vulnerability exists in Palo Alto Networks PAN-OS that originates from an unauthorized administrator potentially viewing plaintext data...
yimioa security vulnerability
yimioa CloudNet OA is a locally deployed OA software by rabbit individual developers. A security vulnerability exists in versions prior to yimioa v2024.07.04, which stems from improper access control of the WebSecurityConfig component and allows an unauthorized attacker to arbitrarily change the...
WordPress Shield Security 20.0.5 Cross Site Scripting
Exploit Title: CVE-2024-7313 - Reflected XSS to Unauthorised Administrator Account Creation Google Dork: inurl:"/wp-content/plugins/wp-simple-firewall/" Cannot find version numbers from this DORK Date: 16/08/2024 Exploit Author: Tim Lepp Vendor Homepage: https://getshieldsecurity.com/ Software...
VulnCheck KEV: CVE-2023-22515
Atlassian Confluence Data Center and Server contains a broken access control vulnerability that allows an attacker to create unauthorized Confluence administrator accounts and access Confluence...
Cisco FXOS and NX-OS Software Unauthorized Administrator Account (CVE-2018-0294)
A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to configure an unauthorized administrator account for an affected device. The vulnerability exists because the affected software does not properly delete...
Security Bulletin: Potential security exposures with IBM WebSphere DataPower XC10 Appliance (CVE-2012-5758, CVE-2012-5759, CVE-2012-5756)
Abstract: Several high-risk vulnerabilities have been identified in the WebSphere DataPower XC10 Appliance V2.0 and V2.1 that may allow unauthorized administrator privileges. These vulnerabilities affect the WebSphere DataPower XC10 Appliance only and do not affect the related WebSphere eXtreme...