Malicious code in @zalastax/nolb-axl (npm)

The package @zalastax/nolb-axl was found to contain malicious code...

MAL-2025-10747 Malicious code in @zalastax/nolb-axl (npm)

The package @zalastax/nolb-axl was found to contain malicious code...

PHOENIX CONTACT多款产品 安全漏洞

PHOENIX CONTACT AXL F BK PN etc. are products of PHOENIX CONTACT, Germany.PHOENIX CONTACT AXL F BK PN is a bus coupler.PHOENIX CONTACT AXL F BK PN TPS etc. are products of PHOENIX CONTACT, Germany.PHOENIX CONTACT AXL F BK PN TPS is a bus coupler. Phoenix Contact AXL F BK PN TPS is a Bus Coupler...

Input validation

A vulnerability in the Administrative XML Web Service AXL API of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affect...

CVE-2023-20116

CVE-2023-20116 affects Cisco Unified Communications Manager (CUCM) and CVM Session Management Edition (Unified CM SME). The issue is an input-validation vulnerability in the Administrative XML Web Service (AXL) API’s Self Care Portal UI, where crafted HTTP input sent by an authenticated remote at...

Cisco Unified Communications Manager Denial of Service Vulnerability

A vulnerability in the Administrative XML Web Service AXL API of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affect...

axl-jewelry.com Improper Access Control vulnerability OBB-2205257

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2021-33540

In certain devices of the Phoenix Contact AXL F BK and IL BK product families an undocumented password protected FTP access to the root directory exists...

CVE-2021-33540

The CVE affects Phoenix Contact AXL F BK and IL BK devices, where an undocumented password-protected FTP access to the root directory exists. The root cause is an insecure/undocumented FTP auth path, enabling access to the device’s root filesystem. The available data indicate a high-severity impa...

Phoenix Contact AXL F BK and IL BK 信任管理问题漏洞

Phoenix Contact AXL F BK PN is a bus coupler from Phoenix Contact, Germany. A security vulnerability exists in the Phoenix Contact AXL F BK and IL BK that stems from the program having undocumented password-protected FTP access to the root directory...

UBBCentral UBB.Threads 6.0 - 'Printthread.php' SQL Injection

// source: https://www.securityfocus.com/bid/13253/info It is reported that UBB.threads is prone to an SQL injection vulnerability. The SQL injection vulnerability is reported to affect the 'printthread.php' script. UBB.threads 6.0 is reported prone to this issue. It is likely that other versions...

IpbProArace 2.5.x SQL injection.

i have found an sql injection in the popular ipbproarcade mod for ipb systems 1.x and 2.x the vuln exists in the "category" field. buy using this field it is possible to inject any sql query and compemise the entire forum system p.o.c for ipb 1.x...