4 matches found
PT-2025-53345
Name of the Vulnerable Software and Affected Versions Riello UPS NetMan 208 Application versions prior to 1.12 Description The Riello UPS NetMan 208 Application is affected by a SQL injection issue in the cgi-bin/login.cgi script. Specifically, the username parameter is susceptible to SQL injecti...
PT-2025-53346
Name of the Vulnerable Software and Affected Versions Riello UPS NetMan 208 Application versions prior to 1.12 Description The Riello UPS NetMan 208 Application, before version 1.12, contains a cross-site scripting XSS issue in the cgi-bin/loginbanner w.cgi component. This allows for the injectio...
PT-2024-37585 · Canonical +1 · Ubuntu Advantage Desktop Daemon +2
Name of the Vulnerable Software and Affected Versions: Ubuntu Advantage Desktop Daemon versions prior to 1.12 Description: The Ubuntu Advantage Desktop Daemon leaks the Pro token to unprivileged users by passing the token as an argument in plaintext. Recommendations: For versions prior to 1.12,...
CVE-2020-15105
Django Two-Factor Authentication before 1.12, stores the user's password in clear text in the user session base64-encoded. The password is stored in the session when the user submits their username and password, and is removed once they complete authentication by entering a two-factor...