1114 matches found

EUVD
added 2025/10/03 8:7 p.m. | 1 views

EUVD-2023-38201

Malicious code in bioql PyPI...

CVSS 8.7 | AI score 5.7 | EPSS 0.0029
Exploits 0 | References 1

EUVD
added 2025/10/03 8:7 p.m. | 13 views

EUVD-2022-6960

Malicious code in bioql PyPI...

CVSS 3.8 | AI score 4.8 | EPSS 0.00882
Exploits 0 | References 8

Vulnrichment
added 2025/10/02 8:15 p.m. | 2 views

CVE-2025-54089 Cross-site Scripting vulnerability in Secure Access prior to 14.10

CVE-2025-54089 is a cross-site scripting vulnerability in versions of secure access prior to 14.10. Attackers with administrative access to the console can interfere with another administrator’s access to the console. The attack complexity is low; there are no attack requirements. Privileges...

CVSS 4.6 | AI score 5.6 | EPSS 0.00027
Exploits 0 | References 1

Cvelist
added 2025/10/02 8:15 p.m. | 4 views

CVE-2025-54089 Cross-site Scripting vulnerability in Secure Access prior to 14.10

CVE-2025-54089 is a cross-site scripting vulnerability in versions of secure access prior to 14.10. Attackers with administrative access to the console can interfere with another administrator’s access to the console. The attack complexity is low; there are no attack requirements. Privileges...

CVSS 4.6 | EPSS 0.00027
Exploits 0 | References 1

Positive Technologies
added 2025/10/02 12:0 a.m. | 2 views

PT-2025-40423

Name of the Vulnerable Software and Affected Versions: secure access versions prior to 14.10. Description: This issue is a cross-site scripting condition. An attacker with administrative access to the console can disrupt another administrator's access. The attack complexity is low, and no specific...

CVSS 4.6 | AI score 5.6 | EPSS 0.00027
Exploits 0 | References 5

CNNVD
added 2025/08/27 12:0 a.m. | 4 views

admin-console security vulnerability

admin-console is an Agora core view management interface from Sequent open source. A security vulnerability exists in admin-console versions v1.2.0 through v1.6.7, which stems from improper handling of the /sys-api/role/update interface, which could lead to an SQL injection attack...

CVSS 7 | AI score 7.3 | EPSS 0.00064
Exploits 1 | References 3

Tenable Nessus
added 2025/08/19 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2009-1553

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Multiple cross-site scripting (XSS) vulnerabilities in the Admin Console in Sun GlassFish Enterprise Server 2.1 allow remote attackers to inject arbitrary web...

CVSS 4.3 | AI score 5.5 | EPSS 0.0183
Exploits 1 | References 2

RedhatCVE
added 2025/08/14 3:49 p.m. | 9 views

CVE-2025-8310

Missing authorization in the admin console of Ivanti Virtual Application Delivery Controller before version 22.9 allows a remote authenticated attacker to take over admin accounts by resetting the password...

CVSS 6.5 | AI score 6.9 | EPSS 0.00517
Exploits 0 | References 1

NVD
added 2025/08/12 3:15 p.m. | 5 views

CVE-2025-8310

Missing authorization in the admin console of Ivanti Virtual Application Delivery Controller before version 22.9 allows a remote authenticated attacker to take over admin accounts by resetting the password...

CVSS 8.8 | EPSS 0.00517
Exploits 0 | References 1

OSV
added 2025/08/12 3:15 p.m. | 2 views

CVE-2025-8310

Missing authorization in the admin console of Ivanti Virtual Application Delivery Controller before version 22.9 allows a remote authenticated attacker to take over admin accounts by resetting the password...

CVSS 8.8 | AI score 5.8 | EPSS 0.00517
Exploits 0 | References 1

Vulnrichment
added 2025/08/12 2:42 p.m. | 2 views

CVE-2025-8310

Missing authorization in the admin console of Ivanti Virtual Application Delivery Controller before version 22.9 allows a remote authenticated attacker to take over admin accounts by resetting the password...

CVSS 6.5 | AI score 7 | EPSS 0.00517
Exploits 0 | References 1

CVE
added 2025/08/12 2:42 p.m. | 21 views

CVE-2025-8310

CVE-2025-8310 affects Ivanti Virtual Application Delivery Controller (vADC) prior to 22.9. The admin console lacks proper authorization, enabling a remote authenticated attacker to take over admin accounts by resetting passwords. The vulnerability is mitigated by updating to version 22.9 or later...

CVSS 8.8 | AI score 7 | EPSS 0.00517
Exploits 0 | References 1 | Affected Software 1

Cvelist
added 2025/08/12 2:42 p.m. | 6 views

CVE-2025-8310

Missing authorization in the admin console of Ivanti Virtual Application Delivery Controller before version 22.9 allows a remote authenticated attacker to take over admin accounts by resetting the password...

CVSS 6.5 | EPSS 0.00517
Exploits 0 | References 1

Github Security Blog
added 2025/07/30 1:17 p.m. | 6 views

Keycloak Privilege Escalation Vulnerability in Admin Console (FGAPv2 Enabled)

A Privilege Escalation vulnerability was identified in the Keycloak identity and access management solution, specifically when FGAPv2 is enabled in version 26.2.x. The flaw lies in the admin permission enforcement logic, where a user with manage-users privileges can self-assign realm-admin rights...

CVSS 6.5 | AI score 6.3 | EPSS 0.0009
Exploits 0 | References 9 | Affected Software 1

Vulnrichment
added 2025/07/29 4:54 p.m. | 2 views

CVE-2025-5922 Retrievable password hash protecting TSplus admin console

Access to TSplus Remote Access Admin Tool is restricted to administrators unless "Disable UAC" option is enabled and requires a PIN code. In versions below v18.40.6.17 the PIN's hash is stored in a system registry accessible to regular users, making it possible to perform a brute-force attack usi...

CVSS 4.8 | AI score 6.6 | EPSS 0.0004
Exploits 0 | References 1

OSV
added 2025/07/18 3:31 p.m. | 0 views

GHSA-83J7-MHW9-388W Duplicate Advisory: Keycloak Privilege Escalation Vulnerability in Admin Console (FGAPv2 Enabled)

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-27gp-8389-hm4w. This link is maintained to preserve external references. Original Description: A flaw was found in the Keycloak identity and access management system when Fine-Grained Admin Permissions (FGAPv2) are...

CVSS 6.5 | AI score 6.9 | EPSS 0.0009
Exploits 0 | References 8

CVE
added 2025/07/18 1:48 p.m. | 36 views

CVE-2025-7784

CVE-2025-7784 - Keycloak FGAPv2 Privilege Escalation This entry describes a privilege-escalation vulnerability in Keycloak when Fine-Grained Admin Permissions (FGAPv2) are enabled. An administrative user who holds the manage-users role can elevate themselves to realm-admin due to improper privile...

CVSS 6.5 | AI score 6.7 | EPSS 0.0009
Exploits 0 | References 5 | Affected Software 1

GithubExploit
added 2025/06/12 6:9 p.m. | 82 views

Exploit for CVE-2025-52357

CVE-2025-52357 : Security Advisory: XSS in FD602GW-DX-R410 Rou...

CVSS 4.1 | AI score 7.5 | EPSS 0.00155
Exploits 2

OSV
added 2025/05/26 2:15 p.m. | 2 views

CVE-2025-5196

A vulnerability has been found in Wing FTP Server up to 7.4.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Lua Admin Console. The manipulation leads to execution with unnecessary privileges. The attack can be launched remotely. The...

CVSS 7.5 | AI score 5
Exploits 0 | References 5

NVD
added 2025/05/26 2:15 p.m. | 10 views

CVE-2025-5196

A vulnerability has been found in Wing FTP Server up to 7.4.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Lua Admin Console. The manipulation leads to execution with unnecessary privileges. The attack can be launched remotely. The...

CVSS 7.5 | EPSS 0.01487
Exploits 2 | References 5