11 matches found
CVE-2026-21629
CVE-2026-21629 concerns Joomla! Core: the admin-area ajax component (com_ajax) was excluded from the default logged-in-user access check, creating an access-control vulnerability. Multiple sources describe this as ACL-related hardening in com_ajax, with the issue tracked across CVE listings and O...
PT-2026-29501
Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description The ajax component was excluded from the default logged-in-user check in the administrative area, which may have been unexpected by third-party developers...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
EUVD-2025-198720
Malicious code in korea-administrative-area-geo-json-util npm...
Malicious code in korea-administrative-area-geo-json-util (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3e5fc5ac9320c5c6de500011362abf25bbbebf4427f272bef9a58fa0d5c0f03 The package korea-administrative-area-geo-json-util was found to contain malicious code. Source: ghsa-malware...
CVE-2024-1632
Low-privileged users with access to the Sitefinity backend may obtain sensitive information from the site's administrative area...
CVE-2024-1632
CVE-2024-1632 is a vulnerability in Progress Sitefinity CMS where low-privileged users with backend access can obtain sensitive information from the administrative area. The connected sources confirm the issue affects the Sitefinity backend and constitutes an information disclosure (confidentiali...
PT-2024-18180 · Progress · Sitefinity
Name of the Vulnerable Software and Affected Versions: Sitefinity affected versions not specified Description: Low-privileged users with access to the Sitefinity backend may obtain sensitive information from the site's administrative area. Recommendations: At the moment, there is no information...
Progress Sitefinity Security Breach
Progress Sitefinity is an open source platform for building corporate websites and intranets. A security vulnerability exists in Progress Sitefinity, which can be exploited to obtain sensitive information through the site administrative area by a user with access to the Sitefinity backend...
FlexWATCH 3.0 - AIndex.asp Authentication Bypass
FlexWATCH 3.0 - AIndex.asp Authentication Bypass source: https://www.securityfocus.com/bid/18948/info FlexWatch is prone to an authorization-bypass vulnerability. This issue is due to a failure in the application to properly verify user-supplied input. An attacker can exploit this issue to bypass...
FlexWATCH 3.0 - 'AIndex.asp' Authentication Bypass
source: https://www.securityfocus.com/bid/18948/info FlexWatch is prone to an authorization-bypass vulnerability. This issue is due to a failure in the application to properly verify user-supplied input. An attacker can exploit this issue to bypass the authorization mechanism. This allows the...