CVE-2021-47741
ZBL EPON ONU Broadband Router V100R001 contains a privilege escalation vulnerability that allows limited administrative users to elevate access by sending requests to configuration endpoints. Attackers can exploit the vulnerability by accessing the configuration backup or password page to disclos...
CVE-2015-3613
A vulnerability exists in FortiManager 5.2.1 and earlier and 5.0.10 and earlier in the WebUI FTP backup page...
CVE-2023-50017
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/database/backup...
CVE-2023-48791
An improper neutralization of special elements used in a command ('Command Injection') vulnerability [CWE-77] in FortiPortal version 7.2.0, version 7.0.6 and below may allow a remote authenticated attacker with at least R/W permission to execute unauthorized commands via specifically crafted argument...
OpenEMR Cross-Site Scripting Vulnerability
OpenEMR is an open source medical management system from the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing and medical billing requests. A security vulnerability exists in OpenEMR versions prior to 7.0.0.1, which stems...
Reflected Cross Site Scripting in OpenEMR 7.0.0 and below at backup
Description We would like to report the vulnerability we found during software testing. The OpenEMR 7.0.0 latest version and below version Open Source electronic health records and medical practice management application has Reflected Cross Site Scripting vulnerability in the formstatus parameter...
CMSimple_XH 1.7.4 - Remote Code Execution (Authenticated) Exploit
Exploit Title: CMSimpleXH 1.7.4 - Remote Code Execution RCE Authenticated Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://www.cmsimple-xh.org/ Software Link: https://www.cmsimple-xh.org/?Downloads Version: 1.7.4 Category: Webapps Tested on: Linux/Windows CMSimpleXH is an open sour...
CMSimple_XH 1.7.4 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: CMSimpleXH 1.7.4 - Remote Code Execution RCE Authenticated Date: 01-10-2021 Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://www.cmsimple-xh.org/ Software Link: https://www.cmsimple-xh.org/?Downloads Version: 1.7.4 Category: Webapps Tested on: Linux/Windows CMSimpleX...
CMSimple_XH 1.7.4 Remote Command Execution
Exploit Title: CMSimpleXH 1.7.4 - Remote Code Execution RCE Authenticated Date: 01-10-2021 Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://www.cmsimple-xh.org/ Software Link: https://www.cmsimple-xh.org/?Downloads Version: 1.7.4 Category: Webapps Tested on: Linux/Windows CMSimpleX...
CVE-2019-4724
IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain credentials from a user's browser via incorrect autocomplete settings in New Content Backup page. IBM X-Force ID: 172130...
IBM Cognos Analytics Authorization Issue Vulnerability
IBM Cognos Analytics is a suite of business intelligence software from IBM in the United States. The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decisions by analyzing such things as key factors and key people. An authorization issue...
CVE-2015-3613
FortiManager VM and FortiManager appliances with versions 5.2.1 and earlier, and 5.0.10 and earlier, expose a privilege management vulnerability in the WebUI FTP backup page. The issue, confirmed by multiple sources, can be exploited to compromise confidentiality, integrity, and availability of t...
smallvillecomiccon.com Improper Access Control vulnerability
Open Bug Bounty ID: OBB-614738. Affected Website: smallvillecomiccon.com. Vulnerable Application: Custom Code. Vulnerability Type: IAC Improper Access Control / CWE-284. CVSSv3 Score: 6.5...
Xuzhou Huawei Information Technology Co., Ltd. electronic document management system with ultra vires operational vulnerabilities
Xuzhou City, China Network Information Technology Co., Ltd. electronic document management system is to achieve the school's electronic documents such as electronic lesson plans, classroom materials, rules and regulations, management documents, audio-visual materials, photographs, etc.,...
Hearing when the vulnerability of a summary-vulnerability warning-the black bar safety net
In online there are also what news when the three tricks of the article.. but I personally think that sometimes by that of three or invasion of the not as version of the update The following article summarized from the Black anti-last year the 9th issue of the magazine on the content... First, an injection...
Four of the General government, CMS management system vulnerability-vulnerability warning-the black bar safety net
This article has been published in the hack Defense 2009.5 period of, reproduced be sure to keep this information QQ friends of small building to listen to rain to say their school site is using the four through the government grid is set, let me check its safety. Just the hands on work done,...