ZKTeco ZKBioSecurity 跨站请求伪造漏洞

ZKTeco ZKBioSecurity is a web-based integrated platform developed by ZKTeco Corporation in China. Version 3.0 of ZKTeco ZKBioSecurity contains a cross-site request forgeing vulnerability. This vulnerability stems from cross-site request forgery, allowing attackers to trick users into accessing...

IBM Aspera Console 安全漏洞

IBM Aspera Console is a Web-based application from International Business Machines IBM. Allows users to centrally manage, monitor and control Aspera servers nodes and transports. A denial of service vulnerability exists in IBM Aspera Console, which can be exploited by an attacker to cause a denia...

IBM Aspera Console 安全漏洞

IBM Aspera Console is a Web-based application from International Business Machines IBM. Allows users to centrally manage, monitor and control Aspera servers nodes and transports. A denial of service vulnerability exists in IBM Aspera Console, which can be exploited by an attacker to cause a denia...

IBM Aspera Console 安全漏洞

IBM Aspera Console is a Web-based application from International Business Machines IBM. Allows users to centrally manage, monitor and control Aspera servers nodes and transports. An information disclosure vulnerability exists in IBM Aspera Console, which can be exploited by an attacker to enumera...

EUVD-2026-11706

The Honeywell IQ4x building management controller, exposes its full web-based HMI without authentication in its factory-default configuration. With no user module configured, security is disabled by design and the system operates under a System Guest level 100 context, granting read/write...

CVE-2026-4013 SourceCodester Web-based Pharmacy Product Management System add_admin.php improper authorization

A vulnerability was identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown function of the file addadmin.php. Such manipulation leads to improper authorization. The attack may be launched remotely...

PT-2026-24935

A vulnerability was identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown function of the file add admin.php. Such manipulation leads to improper authorization. The attack may be launched remotely...

CVE-2026-3766

SourceCodester Web-based Pharmacy Product Management System 1.0 contains a cross-site scripting vulnerability in edit-profile.php when manipulating the fullname parameter. The issue is exploitable remotely, with publicly released exploit material and a PROOF-OF-CONCEPT exploit maturity noted. Roo...

CVE-2026-27777

Charging station authentication identifiers are publicly accessible via web-based mapping platforms...

CVE-2026-27027

Charging station authentication identifiers are publicly accessible via web-based mapping platforms...

CVE-2026-27027

Charging station authentication identifiers are publicly accessible via web-based mapping platforms...

CVE-2026-2331

An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical filesystem directory was unintentionally exposed through the HTTP-based file access feature, allowing access witho...

CVE-2026-27770

Charging station authentication identifiers are publicly accessible via web-based mapping platforms...

PT-2026-23715

Charging station authentication identifiers are publicly accessible via web-based mapping platforms...

Everon 安全漏洞

Everon is an electric vehicle charging station system developed by Everon Corporation. There is a security vulnerability in Everon, which stems from the fact that the authentication identifiers can be accessed publicly through a web-based map platform...

CVE-2026-20131 Cisco Secure Firewall Management Center Software Remote Code Execution Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device. This vulnerability is due to insecure deserialization of a user-supplied Java...

CVE-2026-3401

A weakness has been identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown part. This manipulation causes session expiration. Remote exploitation of the attack is possible. The complexity of an attack is rather high. It is indicated that the...

CVE-2026-3401 SourceCodester Web-based Pharmacy Product Management System session expiration

A weakness has been identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown part. This manipulation causes session expiration. Remote exploitation of the attack is possible. The complexity of an attack is rather high. It is indicated that the...

CVE-2026-3401

Technical details about CVE-2026-3401 are not publicly available in the provided documents. No concrete information on affected components, root cause, or fixes is included. Monitor for updates from linked sources.

Pharmacy Point Of Sale System 安全漏洞

The Pharmacy Point of Sale System is a web-based application developed by Carlo Montero. It is used to help a pharmacy manage its sales transactions. Version 1.0 of the Pharmacy Point of Sale System has a security vulnerability, which stems from an SQL injection vulnerability in the...