5 matches found
CVE-2025-15016 Ragic|Enterprise Cloud Database - Hard-coded Cryptographic Key
Enterprise Cloud Database developed by Ragic has a Hard-coded Cryptographic Key vulnerability, allowing unauthenticated remote attackers to exploit the fixed key to generate verification information and log into the system as any user...
WordPress Plugin BookIt 访问控制错误漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
SUSE CVE-2023-3326
pamkrb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket tgt from the Kerberos KDC Key Distribution Center over the network, as a way to verify the password. However, if a keytab is not provisioned on the system, pamkrb5 has no way to validate...
Ltd. happy city localized e-commerce APP has logic flaws vulnerability
Happy Merchant App is a store management software that serves merchant users. There is a logic flaw vulnerability in the Happy City localized e-commerce APP of Jiangsu Patrol Network Technology Co. Attackers can utilize the vulnerability to log in to the system with any user including the merchan...
UBUNTU-CVE-2017-1000433
pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password...