EUVD-2017-4375

Malware in sbrugna...

Cangzhou Jialan Network Technology Co., Ltd. unauthorized access vulnerability in the virtual goods automatic delivery system

JiaBlue virtual goods automatic delivery system is the latest one-stop self-service delivery platform launched by JiaBlue Technology, which supports automatic delivery of virtual goods, paid article reading, paid audio and video, paid gallery and so on. The whole process does not require human...

Unauthorized Access Vulnerability in Super Star Huiya Digital Book Documentation Service System

Beijing Century Super Star Information Technology Development Limited Liability Company Super Star is one of the companies engaged in the digitization of paper materials and the production of electronic publications. An unauthorized access vulnerability exists in the Super Star Huiya Digital Book...

CVE-2018-16483

A deficiency in the access control in module express-cart =1.1.5 allows unprivileged users to add new users to the application as administrators...

EmpireCMS Cross-Site Request Forgery Vulnerability

EmpireCMS Empire Website Management System is a content management system CMS. A cross-site request forgery vulnerability exists in EmpireCMS version 7.0, which can be exploited by remote attackers to add administrators with the help of the upload/e/admin/user/AddUser.php?enews=AddUser interface...

CVE-2018-16339

An issue was discovered in EmpireCMS 7.0. There is a CSRF vulnerability that can add administrators via upload/e/admin/user/AddUser.php?enews=AddUser...

Authentication Bypass Vulnerability in Sunell Cameras

Jing Yang Sunell camera is a camera produced by Shenzhen Jing Yang Technology Co. Sunell camera has an authentication bypass vulnerability that can be exploited by attackers to add administrators, modify the configuration, and gain WEB administrator privileges...

CVE-2017-12838

Cross-site request forgery CSRF vulnerability in NexusPHP 1.5 allows remote attackers to hijack the authentication of users for requests that 1 send manas via a request to mybonus.php or 2 add administrators via unspecified vectors...

CVE-2017-12838

Cross-site request forgery CSRF vulnerability in NexusPHP 1.5 allows remote attackers to hijack the authentication of users for requests that 1 send manas via a request to mybonus.php or 2 add administrators via unspecified vectors...

CVE-2017-12838

Cross-site request forgery CSRF vulnerability in NexusPHP 1.5 allows remote attackers to hijack the authentication of users for requests that 1 send manas via a request to mybonus.php or 2 add administrators via unspecified vectors...

metinfo cms has csrf vulnerability

metinfo cms is an enterprise website management system with PHP Mysql architecture. metinfo cms has a csrf vulnerability, which can be exploited by attackers to add administrators without restriction...