15 matches found
EUVD-2026-13101
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in the UniFi Network Application to access files on the underlying system that could be manipulated to access an underlying account...
EUVD-2026-11412
ZITADEL is an open source identity management platform. Prior to 3.4.8 and 4.12.2, a potential vulnerability exists in Zitadel's passkey registration endpoints. This endpoint allows registering a new passkey using a previously retrieved code. An improper expiration check of the code, could allow ...
EUVD-2008-6723
Malware in sbrugna...
EUVD-2009-2569
Malware in sbrugna...
EUVD-2017-8104
Malware in sbrugna...
CVE-2024-26492
An issue in Online Diagnostic Lab Management System 1.0 allows a remote attacker to gain control of a 'Staff' user account via a crafted POST request using the id, email, password, and cpass parameters...
CVE-2022-31266
In ILIAS through 7.10, lack of verification when changing an email address on the Profile Page allows remote attackers to take over accounts...
PT-2025-20717 · Schweitzer Engineering Laboratories · Sel Blueframe Os
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: An authenticated user without user-management permissions could view other users' account information. Recommendations: At the moment, there is no information about a newer version that...
Exploit for Missing Authorization in Oliverpos Oliver_Pos
Oliver POS – A WooCommerce Point of Sale POS = 2.4.2.3 - Se...
Metasploit Wrap-Up 03/06/2025
New module content 3 Get NAA Credentials Authors: skelsec, smashery, and xpn Type: Auxiliary Pull request: 19712 contributed by smashery Path: admin/sccm/getnaacredentials Description: Adds an auxiliary module which performs the retrieval of Network Access Account NAA credentials from an System...
CVE-2024-28197
Zitadel is an open source identity management system. Zitadel uses a cookie to identify the user agent browser and its user sessions. Although the cookie was handled according to best practices, it was accessible on subdomains of the ZITADEL instance. An attacker could take advantage of this and...
CVE-2024-56902
Information disclosure vulnerability in Geovision GV-ASManager web application with the version v6.1.0.0 or less, which discloses account information, including cleartext password...
CVE-2022-30730
Improper authorization in Samsung Pass prior to 1.0.00.33 allows physical attackers to acess account list without authentication...
Experian Flaw Lets Attacker Obtain Credit Freeze PIN and Access Account
By Waqas Plenty of consumers decided to go for a credit freeze This is a post from HackRead.com Read the original post: Experian Flaw Lets Attacker Obtain Credit Freeze PIN and Access Account...
By sending YY information access others account and login-bug warning-the black bar safety net
First send a YY information to the users, this is a test of the no-induced ! Then open ! a cookie to the ! With veterans try. ! Log in. Repair solutions: Filter...