34 matches found
CVE-2025-34222 Vasion Print (formerly PrinterLogic) Unauthenticated Admin APIs Used to Modify SSL Certificates
Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 VA/SaaS deployments expose four admin routes – /admin/hp/certupload, /admin/hp/certdelete, /admin/certs/ca, and /admin/certs/serviceclients/scid – without any...
PT-2025-38732
Name of the Vulnerable Software and Affected Versions AiKaan IoT Platform affected versions not specified Description A missing server-side authorization check in the department admin assignment APIs within the AiKaan IoT Platform permits authenticated users to gain elevated privileges...
CVE-2025-34070
A missing authentication vulnerability in the GFIAgent component of GFI Kerio Control 9.4.5 allows unauthenticated remote attackers to perform privileged operations. The GFIAgent service, responsible for integration with GFI AppManager, exposes HTTP services on ports 7995 and 7996 without proper...
PT-2024-7247 · Tenda · Tenda Ac1206
Name of the Vulnerable Software and Affected Versions: Tenda AC1206 versions up to 15.03.06.23 Description: The issue is related to the ate iwpriv set and ate ifconfig set functions in the /goform/ate file of the Tenda AC1206 router's firmware. It allows for command injection due to inadequate da...
Siemens SCALANCE 安全漏洞
The SCALANCE M-800, MUM-800 and S615 and the RUGGEDCOM RM1224 are industrial routers.The SCALANCE W products are wireless communication devices for connecting industrial components, such as Programmable Logic Controllers PLCs or Human Machine Interfaces HMIs, that comply with the IEEE 802.11...
Admin-Panel_Finder - A Burp Suite Extension That Enumerates Infrastructure And Application Admin Interfaces (OTG-CONFIG-005)
A burp suite extension that enumerates infrastructure and application Admin Interfaces. OWASP References: Classification : Web Application Security Testing 02-Configuration and Deployment Management Testing OTG v4 : OWASP OTG-CONFIG-005 WSTG : WSTG-CONF-05 Why should I use this extension?...
CVE-2021-0248
This issue is not applicable to NFX NextGen Software. On NFX Series devices the use of Hard-coded Credentials in Juniper Networks Junos OS allows an attacker to take over any instance of an NFX deployment. This issue is only exploitable through administrative interfaces. This issue affects: Junip...
UBUNTU-CVE-2019-1010054
Dolibarr 7.0.0 is affected by: Cross Site Request Forgery CSRF. The impact is: allow malitious html to change user password, disable users and disable password encryptation. The component is: Function User password change, user disable and password encryptation. The attack vector is: admin access...
Skybox Security Appliance Multiple Information Disclosure Vulnerabilities
Skybox Security Appliance is prone to multiple information disclosure vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if...
Skybox Security 6.3.x 6.4.x - Multiple Denial of Service Vulnerabilities
Skybox Security 6.3.x 6.4.x - Multiple Denial of Service Vulnerabilities Exploit Title: SKYBOX Security - DDOS Date: 22-Jan-2014 Exploit Author: Luigi Vezzoso Vendor Homepage: http://www.skyboxsecurity.com Version: Skybox View Appliances with ISO versions: 6.3.33-2.14, 6.3.31-2.14, 6.4.42-2.54,...
Skybox Security 6.3.x 6.4.x - Multiple Information Disclosures
Skybox Security 6.3.x 6.4.x - Multiple Information Disclosures Exploit Title: SKYBOX Security – Multiple Information Disclosure Date: 22-Jan-2014 Exploit Author: Luigi Vezzoso Vendor Homepage: http://www.skyboxsecurity.com Version: Skybox View Appliances with ISO versions: 6.3.33-2.14, 6.3.31-2.1...
Skybox Security 6.3.x < 6.4.x - Multiple Denial of Service Vulnerabilities
Exploit Title: SKYBOX Security - DDOS Date: 22-Jan-2014 Exploit Author: Luigi Vezzoso Vendor Homepage: http://www.skyboxsecurity.com Version: Skybox View Appliances with ISO versions: 6.3.33-2.14, 6.3.31-2.14, 6.4.42-2.54, 6.4.45-2.56, 6.4.46-2.57 Tested on: Centos 6.4 kernel 2.6.32 CVE :...
Skybox Security 6.3.x - 6.4.x - Multiple Information Disclosure
Exploit for hardware platform in category web applications Exploit Title: SKYBOX Security – Multiple Information Disclosure Date: 22-Jan-2014 Exploit Author: Luigi Vezzoso Vendor Homepage: http://www.skyboxsecurity.com Version: Skybox View Appliances with ISO versions: 6.3.33-2.14, 6.3.31-2.14,...
Esoftpro Online Guestbook Pro - Multiple Vulnerabilities
Exploit Title: Esoftpro Online Guestbook Pro Multiple Vulnerability Vendor url:http://www.esoftpro.com/ Version:5.1 Author: L0rd CrusAd3r aka VSN [email protected] Published: 2010-07-4 Greetz to:r0073r inj3ct0r.com, Sid3^effects, MaYur, MA1201, Sonic Bluehat, Sai, KD, M4n0j. Special Greetz:...