Lucene search
K

4 matches found

Snyk
Snyk
added 2026/04/03 9:37 p.m.2 views

Authentication Bypass Using an Alternate Path or Channel

Overview signalk-server is an An implementation of a Signal K server for boats. Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel via the /skServer/enableSecurity endpoint. An attacker can gain unauthorized administrative privileges by...

9.4CVSS5.9AI score0.00418EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2024/09/24 12:0 a.m.188 views

PHP ACRSS 1.0 Cross Site Request Forgery

============================================================================================================================================= | Title : php acrss 1.0 CSRF Add Admin Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0 64 bits | ...

7.4AI score
Exploits0
OSV
OSV
added 2023/06/07 2:15 a.m.4 views

CVE-2019-25141

The Easy WP SMTP plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.3.9. This is due to missing capability checks on the admininit function, in addition to insufficient input validation. This makes it possible for unauthenticated attackers to modify the...

9.8CVSS5.7AI score0.04461EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2021/12/26 3:15 p.m.3 views

CVE-2021-44598

Attendance Management System 1.0 is affected by a Cross Site Scripting XSS vulnerability. The value of the FirstRecord request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The attacker can access the system, by using the XSS-reflecte...

6.1CVSS6.4AI score0.00716EPSS
Exploits1References2
Rows per page
Query Builder