4 matches found
CVE-2021-43946
Affected versions of Atlassian Jira Server and Data Center allow authenticated remote attackers to add administrator groups to filter subscriptions via a Broken Access Control vulnerability in the /secure/EditSubscription.jspa endpoint. The affected versions are before version 8.13.21, and from...
Cross-site request forgery (CSRF)
A cross-site request forgery (CSRF) vulnerability in the /xyhai.php?s=/Auth/editUser URI of XYHCMS V3.6 allows attackers to edit any information of the administrator such as the name, e-mail, and password...
Netgear WNR2000 FW 1.2.0.8 Disclosure
There are several minor vulnerabilities on the Netgear WNR2000 wireless router running firmware 1.2.0.8. 1. Unauthenticated disclosure of WPA/WPA2 password: Simply request without authentication: http://netgear/router-info.htm http://netgear/cgi-bin/router-info.htm The router will respon...
[Full-disclosure] RSA Keon Log verification bypass vulnerability
Arhont Ltd.- Information Security Arhont Advisory by: Andrei Mikhailovsky Advisory: RSA Keon Manager log verification bypass Product release: Versions 6.6 and 6.5.1 Arhont ref: arh200605-1 Class: Design flaw Model Specific: Other versions of RSA Keon are likely to be vulnerable DETAILS: During th...