6 matches found
CVE-2026-30689
In Blog.Core through bcb4d17, the getinfobytoken API interface contains improper access control that leads to sensitive data exposure. Unauthorized parties can obtain sensitive administrator account information via a valid token, threatening system security. NOTE: Blog.Admin is related front-end...
PT-2025-34502 · Liferay · Liferay Portal +1
Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.4.0 through 7.4.3.131 Liferay DXP versions 2024.Q1.1 through 2024.Q1.15 Liferay DXP versions 2024.Q2.0 through 2024.Q2.13 Liferay DXP versions 2024.Q3.1 through 2024.Q3.13 Liferay DXP versions 2024.Q4.0 through...
CVE-2024-57698
An issue in modernwms v.1.0 allows an attacker view the MD5 hash of the administrator password and other attributes without authentication, even after initial configuration and password change. This happens due to excessive exposure of information and the lack of adequate access control on the...
The vulnerability of the SonicWall Analytics analytical service and the SonicWall Global Management System’s global network gateways, related to the lack of protection for administrative data, allows a hacker to read the administrator’s password hash.
The vulnerability of the SonicWall Analytics analytical service and the SonicWall Global Management System’s global network gateways is related to the lack of protection for administrative data. Exploiting this vulnerability allows a malicious actor to read the administrator’s password hash throu...
CVE-2021-3604
Secure 8 Evalos does not validate user input data correctly, allowing a remote attacker to perform a Blind SQL Injection. An attacker could exploit this vulnerability in order to extract information of users and administrator accounts stored in the database...
SQL Injection Vulnerability in the front-end pa***.asp file of Eco Times Enterprise Online Bookkeeping Management System
EcoTime Enterprise Online Bookkeeping Management System is an online bookkeeping software for small and medium-sized enterprises, stores, etc. It is suitable for managing cash flow accounts, accounts receivable and payable accounts, as well as company bookkeeping and other related financial...