15 matches found
CVE-2025-66170
The CloudStack Backup plugin has an improper authorization logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated user-account access in CloudStack 4.21.0.0+ environments, where this plugin is enabled and has access to specific APIs can list backups from any account in the environment...
EUVD-2009-1821
Malware in sbrugna...
EUVD-2007-4293
Malware in sbrugna...
EUVD-2013-5596
Malware in sbrugna...
EUVD-2001-1480
Malware in sbrugna...
EUVD-2009-1820
Malware in sbrugna...
CVE-2019-11063
A broken access control vulnerability in SmartHome app Android versions up to 3.0.42190515, ios versions up to 2.0.22 allows an attacker in the same local area network to list user accounts and control IoT devices that connect with its gateway HG100 via http://target/smarthome/devicecontrol witho...
CVE-2015-5515
The Views Bulk Operations VBO module 6.x-1.x and 7.x-3.x before 7.x-3.3 for Drupal, when the bulk operation for changing Roles is enabled, allows remote authenticated users to edit user accounts and add arbitrary roles to the accounts by leveraging access to a user account listing view with VBO...
Cross site scripting
Cross-site scripting XSS vulnerability in the Bank Account Listing Page in the Commerce Balanced Payments module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-3384
CVE-2015-3384 is a Cross-Site Scripting (XSS) vulnerability in the Drupal Commerce Balanced Payments module, specifically affecting the Bank Account Listing Page. The root cause is insufficient sanitization of user-supplied text in that page, enabling remote authenticated users to inject arbitrar...
CVE-2015-3384
Cross-site scripting XSS vulnerability in the Bank Account Listing Page in the Commerce Balanced Payments module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
ASTPP VoIP Billing (4cf207a) Multiple Vulnerabilities
No description provided by source. Title: ====== ASTPP VoIP Billing 4cf207a - Multiple Web Vulnerabilities Date: ===== 2012-08-17 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=687 VL-ID: ===== 687 Common Vulnerability Scoring System: ==================================...
CVE-2001-1503
The finger daemon in.fingerd in Sun Solaris 2.5 through 8 and SunOS 5.5 through 5.8 allows remote attackers to list all accounts on a host by typing finger 'a b c d e f g h'@host...
CVE-2002-1731
The System Request menu in IBM AS/400 allows local users to list valid user accounts by viewing the object names that are type USRPRF...
CVE-2001-1503
The finger daemon in.fingerd in Sun Solaris 2.5 through 8 and SunOS 5.5 through 5.8 allows remote attackers to list all accounts on a host by typing finger 'a b c d e f g h'@host...