3 matches found
GitLab 授权问题漏洞
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An authorization issue vulnerability exists in GitLab EE,...
Design/Logic Flaw
An Insecure Direct Object Reference IDOR vulnerability in the Change Password feature of Subex ROC Partner Settlement 10.5 allows remote authenticated users to achieve account takeover via manipulation of POST parameters. NOTE: This vulnerability may only affect a testing version of the applicati...
ProMinent MultiFLEX M10a Controller Password Disclosure Vulnerability
The MultiFLEX M10a Controller is a water treatment controller. A password disclosure vulnerability exists in the ProMinent MultiFLEX M10a Controller, where an authenticated user using the "Change Password" feature in the application specifies the user's current password in cleartext, allowing an...