7572 matches found
IBM Aspera Console 安全漏洞
IBM Aspera Console is a Web-based application from International Business Machines IBM. Allows users to centrally manage, monitor and control Aspera servers nodes and transports. A denial of service vulnerability exists in IBM Aspera Console, which can be exploited by an attacker to cause a denia...
IBM Aspera Console 安全漏洞
IBM Aspera Console is a Web-based application from International Business Machines IBM. Allows users to centrally manage, monitor and control Aspera servers nodes and transports. A denial of service vulnerability exists in IBM Aspera Console, which can be exploited by an attacker to cause a denia...
EUVD-2026-11706
The Honeywell IQ4x building management controller, exposes its full web-based HMI without authentication in its factory-default configuration. With no user module configured, security is disabled by design and the system operates under a System Guest level 100 context, granting read/write...
CVE-2026-4013 SourceCodester Web-based Pharmacy Product Management System add_admin.php improper authorization
A vulnerability was identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown function of the file addadmin.php. Such manipulation leads to improper authorization. The attack may be launched remotely...
PT-2026-24935
A vulnerability was identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown function of the file add admin.php. Such manipulation leads to improper authorization. The attack may be launched remotely...
CVE-2026-3766
SourceCodester Web-based Pharmacy Product Management System 1.0 contains a cross-site scripting vulnerability in edit-profile.php when manipulating the fullname parameter. The issue is exploitable remotely, with publicly released exploit material and a PROOF-OF-CONCEPT exploit maturity noted. Roo...
CVE-2026-27777
Charging station authentication identifiers are publicly accessible via web-based mapping platforms...
CVE-2026-27027
Charging station authentication identifiers are publicly accessible via web-based mapping platforms...
CVE-2026-27027
Charging station authentication identifiers are publicly accessible via web-based mapping platforms...
CVE-2026-2331
An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical filesystem directory was unintentionally exposed through the HTTP-based file access feature, allowing access witho...
CVE-2026-27770
Charging station authentication identifiers are publicly accessible via web-based mapping platforms...
Everon 安全漏洞
Everon is an electric vehicle charging station system developed by Everon Corporation. There is a security vulnerability in Everon, which stems from the fact that the authentication identifiers can be accessed publicly through a web-based map platform...
PT-2026-23715
Charging station authentication identifiers are publicly accessible via web-based mapping platforms...
CVE-2026-20131 Cisco Secure Firewall Management Center Software Remote Code Execution Vulnerability
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device. This vulnerability is due to insecure deserialization of a user-supplied Java...
CVE-2026-3401
A weakness has been identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown part. This manipulation causes session expiration. Remote exploitation of the attack is possible. The complexity of an attack is rather high. It is indicated that the...
CVE-2026-3401 SourceCodester Web-based Pharmacy Product Management System session expiration
A weakness has been identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown part. This manipulation causes session expiration. Remote exploitation of the attack is possible. The complexity of an attack is rather high. It is indicated that the...
CVE-2026-3401
Technical details about CVE-2026-3401 are not publicly available in the provided documents. No concrete information on affected components, root cause, or fixes is included. Monitor for updates from linked sources.
Pharmacy Point Of Sale System 安全漏洞
The Pharmacy Point Of Sale System is a web-based application developed by Carlo Montero. It is used to help a pharmacy manage its sales transactions. Version 1.0 of the Pharmacy Point Of Sale System has a security vulnerability, which stems from an SQL injection vulnerability in the...
Pharmacy Point Of Sale System 安全漏洞
The Pharmacy Point of Sale System is a web-based application developed by Carlo Montero. It is used to help a pharmacy manage its sales transactions. Version 1.0 of the Pharmacy Point of Sale System has a security vulnerability, which stems from an SQL injection vulnerability in the...
CVE-2026-27457
Weblate is a web based localization tool. Prior to version 5.16.1, the REST API's AddonViewSet weblate/api/views.py, line 2831 uses queryset = Addon.objects.all without overriding getqueryset to scope results by user permissions. This allows any authenticated user or anonymous users if REQUIRELOG...