WordPress plugin HAPPY 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

Microsoft Windows Active Directory 授权问题漏洞

Microsoft Windows Active Directory is a centralized directory management service provided by Microsoft for managing large-scale network environments. It stores information about objects on the network, enabling administrators and users to easily find and use this information. There are...

WordPress plugin Super Custom Login 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress plugin Make My Trivia 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

Student Management System 授权问题漏洞

Student Management System is a student management system developed by Krishanmurariji. There are authorization-related vulnerabilities in this system; these vulnerabilities stem from incorrect handling of parameters named “Name” in the file/viva/update.php, which may lead to improper authorizatio...

Open edX Platform 授权问题漏洞

The Open edX Platform is an open-source course management system developed by Open edX. This system can be used for MOOCs Massive Open Online Courses as well as smaller courses and training modules. The Open edX Platform, from Maple versions up to ulmo, had authorization-related vulnerabilities...

ZITADEL 授权问题漏洞

ZITADEL is a modern open-source alternative to Auth0, Firebase Auth, AWS Cognito, and Keycloak, developed by ZITADEL in Switzerland. Versions 4.0.0 to 4.12.0 of ZITADEL contain authorization vulnerabilities. These vulnerabilities stem from the login V2 user interface, which allows bypasses of log...

FunAdmin 授权问题漏洞

FunAdmin is an open-source backend development system developed using ThinkPHP6 and Layui. Versions of FunAdmin 7.1.0-rc4 and earlier have authorization-related vulnerabilities. These vulnerabilities stem from incorrect operations on the setConfig function in the component Configuration Handler...

ssm-erp和production_ssm 授权问题漏洞

productionssm is an ERP system developed by MegaGao’s individual developers using Spring+SpringMVC+Mybatis and jQuery EasyUI. ssm-erp is a production management ERP system developed by fenghaha’s individual developers. There are authorization issues between ssm-erp and productionssm...

WordPress plugin Cliengo 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

Outline 授权问题漏洞

Outline is an open-source knowledge base developed by Outline. Versions prior to Outline 1.1.0 had issues with authorization vulnerabilities. These vulnerabilities stemmed from defects in the WebSocket authentication mechanism, which could allow suspended users to maintain or establish real-time...

CVE-2024-41140

Zohocorp ManageEngine Applications Manager versions 174000 and prior are vulnerable to the incorrect authorization in the update user function...

EUVD-2014-2886

Malware in sbrugna...

EUVD-2018-0775

Malware in sbrugna...

EUVD-2021-11734

Malware in sbrugna...

CVE-2020-10083

GitLab 12.7 through 12.8.1 has Insecure Permissions. Under certain conditions involving groups, project authorization changes were not being applied...

Security Bulletin: IBM Storage Fusion Data Foundation is vulnerable to Improper and Incorrect Authorization and SQL Injection in Vault (CVE-2023-0665, CVE-2023-24999, CVE-2023-0620)

Summary Vault is used by IBM Storage Fusion Data Foundation as part of user authentication. This bulletin identifies the steps to take to address the vulnerability in IBM Storage Fusion Data Foundation. CVE-2023-0665, CVE-2023-24999, CVE-2023-0620. Vulnerability Details CVEID:CVE-2023-0665...

Researchers Warn of Flaws in Widely Used Industrial Gas Analysis Equipment

Multiple security flaws have been disclosed in Emerson Rosemount gas chromatographs that could be exploited by malicious actors to obtain sensitive information, induce a denial-of-service DoS condition, and even execute arbitrary commands. The flaws impact GC370XA, GC700XA, and GC1500XA and resid...

CVE-2024-23665

Multiple improper authorization vulnerabilities CWE-285 in FortiWeb version 7.4.2 and below, version 7.2.7 and below, version 7.0.10 and below, version 6.4.3 and below, version 6.3.23 and below may allow an authenticated attacker to perform unauthorized ADOM operations via crafted requests...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. Huawei HarmonyOS is vulnerable to authorization issues. The vulnerability stems from a lack of authentication measures or insufficient authentication strength in the network system or product. An attacker could exploit this...