The vulnerability of the password restoration mechanism of the Apex-VUZ system allows a hacker to obtain the email address associated with the restored password.

The vulnerability of the password restoration mechanism of the Apex-VUZ educational automation system is related to the disclosure of information. Exploiting this vulnerability could allow a malicious actor, operating remotely, to obtain the email address associated with the recoverable password...

The vulnerability of the Apex-VUZ education automation system’s web interface allows a perpetrator to gain access to information about the profiles of all user accounts used.

The vulnerability of the Apex-VUZ education automation system’s web interface is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain access to information about all user accounts by sending a specially crafted request...

The vulnerability of the password reset mechanism of the Automation Education System Apex-VUZ allows a hacker to obtain the user’s password.

The vulnerability of the user password reset mechanism in the Apex-VUZ automation system is related to the use of the SHA-1 encryption algorithm, which lacks sufficient robustness. Exploiting this vulnerability could allow an attacker operating remotely to obtain the user’s password...

The vulnerability of the Apex-VUZ education automation system, related to the use of strictly encrypted user data, allows a perpetrator to gain full access to the software environment.

The vulnerability of the Apex-VUZ education automation system is related to the use of strictly encrypted user data. Exploiting this vulnerability could allow a malicious actor to gain full access to the software environment...

The vulnerability of the component responsible for creating new account records in the Apex-VUZ education automation system allows a perpetrator to cause service interruptions.

The vulnerability of the component responsible for creating new account records in the Apex-VUZ automation system is related to improper control of the interaction frequency. Exploiting this vulnerability allows a malicious actor to trigger a service failure by sending specially crafted POST...

The vulnerability of the log files of user operations in the Apex-VUZ automation system allows a perpetrator to gain access to authentication information.

The vulnerability of the logs of user operations in the Apex-VUZ automation system is related to the storage of passwords in an open format. Exploiting this vulnerability can allow a malicious actor to gain access to authentication information...

The vulnerability of the LoginForm and RegisterForm data transmission forms in the Apex-VUZ automation system allows a perpetrator to gain access to user account information.

The vulnerability of the LoginForm and RegisterForm data transmission forms in the Apex-VUZ automation system is related to the transmission of data in an open manner. Exploiting this vulnerability can allow a malicious actor to gain access to user credentials...

The vulnerability of the message exchange component of the system for loading user files in the Apex-VUZ education automation system allows a perpetrator to upload any files onto the server.

The vulnerability of the message exchange component of the system for loading user files in the Apex-VUZ education automation system is related to the unlimited loading of malicious files. Exploiting this vulnerability allows a remote attacker to load malicious files onto the server...

The vulnerability of the Apex-VUZ education automation system, related to insufficient access control, allows a perpetrator to download photos of profiles of all used accounts.

The vulnerability of the Apex-VUZ education automation system’s web interface is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to download photos of profiles of all user accounts by sending a specially crafted request...

PT-2022-6300 · Апекс-Вуз · Апекс-Вуз

Name of the Vulnerable Software and Affected Versions: Апекс-ВУЗ affected versions not specified Description: The issue is related to the transmission of data in open form through the LoginForm and RegisterForm in the Апекс-ВУЗ education automation system. This could allow a remote attacker to ga...

PT-2022-6295 · Unknown · Apex-Vuz Automation System

Name of the Vulnerable Software and Affected Versions: Apex-VUZ automation system affected versions not specified Description: The issue is related to the messaging component of the custom file upload module in the Apex-VUZ automation system. It involves the unrestricted upload of dangerous file...

PT-2022-6301 · Unknown · Apex-Vuz Automation System

Name of the Vulnerable Software and Affected Versions: Apex-VUZ automation system affected versions not specified Description: The issue is related to the component responsible for creating new accounts in the Apex-VUZ automation system. It is associated with inadequate control over interaction...