5 matches found
CVE-2026-33569
The CVE-2026-33569 issue affects Anviz CX2 Lite and CX7 where administrative sessions run over HTTP, exposing credentials and session data to on‑path attackers. Affected component: administrative session handling over non-HTTPS connections; root cause: cleartext transmission of sensitive informat...
CVE-2025-34198
Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.951 and Application prior to 20.0.2368 VA and SaaS deployments contain shared, hardcoded SSH host private keys in the appliance image. The same private host keys RSA, ECDSA, and ED25519 are present across...
Shopify: Reflective Cross-site Scripting via Newsletter Form
.myshopify.com is vulnerable to a reflective cross-site scripting attack in the newsletter form. This can be crafted to trigger on a page load without any further user interaction. The following example url shows this vulnerability:...
ACROS Security: HTML Injection in BEA WebLogic Server Console (1)
=====BEGIN-ACROS-REPORT===== PUBLIC ========================================================================= ACROS Security Problem Report 2005-05-24-1 ------------------------------------------------------------------------- ASPR 2005-05-24-1: HTML Injection in BEA WebLogic Server Console 1...
ACROS Security: Session Fixation in JRun Management Console
=====BEGIN-ACROS-REPORT===== PUBLIC ========================================================================= ACROS Security Problem Report 2004-10-14-2 ------------------------------------------------------------------------- ASPR 2004-10-14-2: Session Fixation in JRun Management Console...