30 matches found
CVE-1999-0361
NetWare version of LaserFiche stores usernames and passwords unencrypted, and allows administrative changes without logging...
EUVD-2007-3600
Malware in sbrugna...
EUVD-2014-0771
Malware in sbrugna...
EUVD-2021-1499
Malware in sbrugna...
EUVD-2016-9049
Malware in sbrugna...
EUVD-2022-41229
Malicious code in bioql PyPI...
CVE-2021-24799
The Far Future Expiry Header WordPress plugin before 1.5 does not have CSRF check when saving its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2007-3616
index.php in vtiger CRM before 5.0.3 allows remote authenticated users to perform administrative changes to arbitrary profile settings via a certain profilePrivileges action in the Users module...
Octo Tempest cybercriminal group is “a growing concern”—Microsoft
Octo Tempest is believed to be a group of native English speaking cybercriminals that uses social engineering campaigns to compromise organizations all over the world. Initially the group made a name for itself by SIM swapping. SIM swapping, also known as SIM jacking, is the act of illegally taki...
CVE-2022-38656
HCL Commerce, when using Elasticsearch, can allow a remote attacker to cause a denial of service attack on the site and make administrative changes...
Design/Logic Flaw
HCL Commerce, when using Elasticsearch, can allow a remote attacker to cause a denial of service attack on the site and make administrative changes...
HCL Technologies HCL Commerce 安全漏洞
HCL Technologies HCL Commerce is a software platform framework for e-commerce from HCL Technologies, USA. The software includes marketing, sales, customer and order processing functionality in a customizable and integrated package. It is a unified platform that provides the ability to conduct...
CVE-2022-38656 HCL Commerce, when using Elasticsearch, could be affected by a denial of service vulnerability
HCL Commerce, when using Elasticsearch, can allow a remote attacker to cause a denial of service attack on the site and make administrative changes...
CVE-2022-38656 HCL Commerce, when using Elasticsearch, could be affected by a denial of service vulnerability
HCL Commerce, when using Elasticsearch, can allow a remote attacker to cause a denial of service attack on the site and make administrative changes...
Craft CMS Remote Code Injection
An issue was discovered in Craft CMS before 3.6.7. In some circumstances, a potential Remote Code Execution vulnerability existed on sites that did not restrict administrative changes if an attacker were somehow able to hijack an administrator's session...
CVE-2021-27903
An issue was discovered in Craft CMS before 3.6.7. In some circumstances, a potential Remote Code Execution vulnerability existed on sites that did not restrict administrative changes if an attacker were somehow able to hijack an administrator's session...
Remote code execution
An issue was discovered in Craft CMS before 3.6.7. In some circumstances, a potential Remote Code Execution vulnerability existed on sites that did not restrict administrative changes if an attacker were somehow able to hijack an administrator's session...
Cross site request forgery (csrf)
A CSRF vulnerability in Brocade Virtual Traffic Manager versions released prior to and including 11.0 could allow an attacker to trick a logged-in user into making administrative changes on the traffic manager cluster...
CVE-2016-8201
A CSRF vulnerability in Brocade Virtual Traffic Manager versions released prior to and including 11.0 could allow an attacker to trick a logged-in user into making administrative changes on the traffic manager cluster...
CVE-2016-8201
A CSRF vulnerability in Brocade Virtual Traffic Manager versions released prior to and including 11.0 could allow an attacker to trick a logged-in user into making administrative changes on the traffic manager cluster...