12 matches found
CVE-2024-35555
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/shareswitch.php?mudi=switch&dataType=newsWeb&fieldName=state&fieldName2=state&tabName=infoWeb&dataID=40...
PT-2024-26541 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35. Description: The issue is related to a Cross-Site Request Forgery (CSRF) in the component /admin/shareswitch.php. The affected endpoint includes parameters such as mudi, dataType, fieldName, fieldName2, tabName, and dataID...
PT-2024-26288 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35. Description: The issue is related to a Cross-Site Request Forgery (CSRF) in the component /admin/shareswitch.php. This component is vulnerable due to the presence of certain parameters, including mudi, dataType, fieldName,...
Rescan of Windows Machine in Protection Group Fails With "The network path was not found."
Article Applicability: This article addresses situations in which credential-based authentication is used to add a Windows machine to a Veeam Agent for Microsoft Windows protection group. The troubleshooting steps below address connectivity failures that occur when Veeam Backup & Replication...
Conti Ransomware Gang Has Full Log4Shell Attack Chain
The Conti ransomware gang, which last week became the first professional crimeware outfit to adopt and weaponize the Log4Shell vulnerability, has now built up a holistic attack chain. The sophisticated Russia-based Conti group – which Palo Alto Networks has called “one of the most ruthless” of...
Troubleshooting Guest Processing Issues | "Test Now" or "Verify network connectivity and credentials"
Article Applicability: This article's primary focus is on traditional credentials-based authentication. For environments using a Group Managed Service Account (gMSA), please review the User Guide first to ensure you are familiar with all the Requirements and Limitations of gMSA usage. Challenge Skip...
OTCMS cross-site scripting vulnerability (CNVD-2018-19744)
OTCMS is an article-based web content management system (CMS). A cross-site scripting vulnerability exists in the admin/shareswitch.php file in OTCMS version 3.61. A remote attacker can use the 'fieldName', 'fieldName2' and 'tabName' parameters to inject arbitrary Web script or HTML with the...
CVE-2018-17086
An issue was discovered in OTCMS 3.61. XSS exists in admin/shareswitch.php via these parameters: fieldName, fieldName2, tabName...
PYSEC-2018-10
Kotti before 1.3.2 and 2.x before 2.0.0b2 has CSRF in the local roles implementation, as demonstrated by triggering a permission change via a /admin-document/@@share request...
CVE-2000-0222
The installation for Windows 2000 does not activate the Administrator password until the system has rebooted, which allows remote attackers to connect to the ADMIN$ share without a password until the reboot occurs...
win2k.install.txt
Hi! During the installation process of Windows 2000 Professional anyone can connect to the ADMIN$ share as ADMINISTRATOR without any password. Verification: % ./smbclient \\WINDOZE\ADMIN$ -I xxx.yyy.zzz.ttt -U 'administrator' -d 0 -N Unable to open configuration file...
CVE-2000-0222
The installation for Windows 2000 does not activate the Administrator password until the system has rebooted, which allows remote attackers to connect to the ADMIN$ share without a password until the reboot occurs...