WordPress plugin StreamTube Core 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. An arbitrary user password change vulnerability exists in the WordPress StreamTube Core plugin that originates from providing user-controlled access to objects, allowing a user ...

Polska Akademia Dostępności CMS 安全漏洞

Polska Akademia Dostępności CMS is an accessible web content management system from Polska Akademia Dostępności, Poland. A security vulnerability exists in Polska Akademia Dostępności CMS that stems from improper initialization of password recovery parameters, which could lead to arbitrary user...

Authentication Bypass Vulnerability in CENTUM VP DCS System

The CENTUM VP DCS system is a Shun Control configuration application. An authentication bypass vulnerability exists in the CENTUM VP DCS system. An attacker can exploit the vulnerability to cause password disclosure or arbitrary password changes...

CVE-2017-6530

Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgwv1.02.0014 4.20 do not check password.shtml authorization, leading to Arbitrary password change...

The vulnerability of the Lepide Active Directory Self Service tool, which allows a malicious individual to change the passwords of arbitrary users

The vulnerability of the Lepide Active Directory Self Service tool is related to errors in the implementation of the password reset function. Exploiting this vulnerability could allow an attacker to change the passwords of arbitrary users through a specially created request...

Symantec Web Gateway contains multiple vulnerabilities

Overview The Symantec Web Gateway management console is vulnerable to remote command execution, local file inclusion, arbitrary password changes, and SQL injection. Description The Symantec SYM12-011 advisory states:"Symantec's Web Gateway management console is susceptible to multiple security...