15 matches found
CVE-2026-50214
The /v1/Plan service relies entirely on a shared global API token for full administrative management, allowing arbitrary creation of zero-cost network access plans...
EUVD-2012-0404
Malware in sbrugna...
EUVD-2024-32979
Malicious code in bioql PyPI...
EUVD-2024-32978
Malicious code in bioql PyPI...
CVE-2024-10201
Administrative Management System from Wellchoose does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload and execute webshells...
CVE-2024-10202 Wellchoose Administrative Management System - OS Command Injection
Administrative Management System from Wellchoose has an OS Command Injection vulnerability, allowing remote attackers with regular privileges to inject and execute arbitrary OS commands...
CVE-2024-10201 Wellchoose Administrative Management System - Arbitrary File Upload
Administrative Management System from Wellchoose does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload and execute webshells...
Wellchoose Administrative Management System 安全漏洞
Wellchoose Administrative Management System is an administrative management system from China Weiweiqiao Information Wellchoose Company. A security vulnerability exists in the Wellchoose Administrative Management System. A remote attacker could exploit this vulnerability to download arbitrary fil...
Wellchoose Administrative Management System 操作系统命令注入漏洞
The Wellchoose Administrative Management System is an administrative management system from China Wellchoose. The Wellchoose Administrative Management System suffers from an operating system command injection vulnerability. A remote attacker could inject and execute arbitrary operating system...
PT-2024-16116 · Wellchoose · Administrative Management System
Name of the Vulnerable Software and Affected Versions: Administrative Management System from Wellchoose affected versions not specified Description: The Administrative Management System from Wellchoose has an OS Command Injection issue, allowing remote attackers with regular privileges to inject...
PT-2024-16114 · Wellchoose · Administrative Management System
Name of the Vulnerable Software and Affected Versions: Administrative Management System from Wellchoose affected versions not specified Description: The Administrative Management System from Wellchoose has a Path Traversal issue, allowing unauthenticated remote attackers to exploit this...
Improper access control
Incorrect Access Control in the Administrative Management Interface in SimplyBook.me Enterprise before 2019-04-23 allows Authenticated Low-Priv Users to Elevate Privileges to Full Admin Rights via a crafted HTTP PUT Request, as demonstrated by modified JSON data to a /v2/rest/ URI...
CVE-2019-11489
CVE-2019-11489 affects SimplyBook.me Enterprise (older releases) where the Administrative Management Interface enforces incorrect access control. Affected: authenticated low-privilege users; vulnerability allows elevation to full admin rights via a crafted HTTP PUT to a /v2/rest/ endpoint with mo...
Improper access control
A vulnerability in the web proxy functionality of the Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to forward traffic from the web proxy interface of an affected device to the administrative management interface of an affected device, aka an Access Control Bypa...
Design/Logic Flaw
The administrative management interface on Cisco Wireless LAN Controller WLC devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allows remote attackers to cause a denial of service device crash via a malformed URL in an HTTP request, aka B...