13 matches found
EUVD-2020-4829
Malware in sbrugna...
EUVD-2017-8019
Malware in sbrugna...
CVE-2025-22828
CloudStack users can add and read comments (annotations) on resources they are authorised to access. Due to an access validation issue that affects Apache CloudStack versions from 4.16.0, users who have access, prior access or knowledge of resource UUIDs can list and add comments (annotations) to suc...
CVE-2023-29586
Code Sector TeraCopy 3.9.7 does not perform proper access validation on the source folder during a copy operation. This leads to Arbitrary File Read by allowing any user to copy any directory in the system to a directory they control. NOTE: the Supplier disputes this because only admin users can...
PhotoPost PHP < 5.0.1 Multiple Remote Vulnerabilities
According to its banner, the version of PhotoPost PHP installed on the remote host has several vulnerabilities: - An Access Validation Vulnerability. The 'adm-photo.php' script fails to verify authentication credentials, which allows an attacker to change the properties of thumbnails of uploaded...
PunBB 3.0/3.1 - Multiple Remote Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/12652/info Multiple remote input validation vulnerabilities affect PunBB. These issues are due to a failure of the application to sanitize user-supplied input prior to using it to carry out critical functions. The first issue is an SQL injection issue in...
CitrusDB 0.3.6 - importcc.php Arbitrary Database Injection
source: https://www.securityfocus.com/bid/12557/info CitrusDB is reportedly affected by an access validation vulnerability during the upload of CSV files. Exploitation of this issue could result in path disclosure or SQL injection. The...
CitrusDB 0.3.6 - 'uploadcc.php' Arbitrary Database Injection
source: https://www.securityfocus.com/bid/12557/info CitrusDB is reportedly affected by an access validation vulnerability during the upload of CSV files. Exploitation of this issue could result in path disclosure or SQL injection. The issue exists because the application fails to verify user...
CitrusDB 0.3.6 - 'importcc.php' Arbitrary Database Injection
source: https://www.securityfocus.com/bid/12557/info CitrusDB is reportedly affected by an access validation vulnerability during the upload of CSV files. Exploitation of this issue could result in path disclosure or SQL injection. The issue exists because the application fails to verify user...
ZYXEL 3 Prestige Router - HTTP Remote Administration Configuration Reset
source: https://www.securityfocus.com/bid/11723/info ZyXEL Prestige router series is reported prone to an access validation vulnerability. The vulnerability exists because the firmware of the router fails to restrict access to a configuration page that is a part of the ZyXEL Prestige HTTP based...
ZYXEL 3 Prestige Router - HTTP Remote Administration Configuration Reset
source: https://www.securityfocus.com/bid/11723/info ZyXEL Prestige router series is reported prone to an access validation vulnerability. The vulnerability exists because the firmware of the router fails to restrict access ...
DUware Software - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/9462/info It has been reported that various DUware products may be prone to an access validation issue allowing a remote attacker to gain access to sensitive resources by bypassing authentication. An arbitrary fi...
DUware Software - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/9462/info It has been reported that various DUware products may be prone to an access validation issue allowing a remote attacker to gain access to sensitive resources by bypassing authentication. An arbitrary file upload vulnerability has been specified ...