6 matches found
Siemens SINEC NMS Access Control Error Vulnerability
Siemens SINEC NMS is a network management system (NMS) from Siemens, Germany, that can be used 24/7 to centrally monitor, manage and configure industrial networks with tens of thousands of devices, including safety-related areas. An access control error vulnerability exists in Siemens SINEC NMS,...
CVE-2025-4473
The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the ajaxrequest function in versions 1.0 to 2.2.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to control where the plugin sends...
CVE-2025-4104
The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the fedwpajaxfedloginformpost function in versions 1.0 to 2.2.6. This makes it possible for unauthenticated attackers to reset the administrator’s email and password, and elevate...
CVE-2023-22451 Weak password requirements in Kiwi TCMS
Kiwi TCMS is an open source test management system. In version 11.6 and prior, when users register new accounts and/or change passwords, there is no validation in place which would prevent them from picking an easy to guess password. This issue is resolved by providing defaults for the...
OneBlog Authorization Issue Vulnerability
OneBlog is a beautiful, powerful Java blog. An authorization issue vulnerability exists in OneBlog v2.3.4, which stems from the presence of insecure privileges in the program, and can be exploited by an attacker to allow a low-level administrator to reset the password of a high-level administrato...
AD Starter Scan - Blank passwords
Binary data adsiblankpwd.nbin...