152 matches found
PT-2026-34807
A vulnerability in SenseLive X3050’s web management interface allows authentication logic to be performed entirely on the client side, relying on hardcoded values within browser-executed scripts rather than server-side verification. An attacker with access to the login page could retrieve these...
Use of Client-Side Authentication
Overview Affected versions of this package are vulnerable to Use of Client-Side Authentication in the VCS oauth. An attacker can gain unauthorized access by exploiting weaknesses in the GitLab login mechanism or by deriving a JWT authentication token without requiring a server reboot. Remediation...
Use of Client-Side Authentication
Overview Affected versions of this package are vulnerable to Use of Client-Side Authentication in the VCS oauth. An attacker can gain unauthorized access by exploiting weaknesses in the GitLab login mechanism or by deriving a JWT authentication token without requiring a server reboot. Remediation...
RLSA-2026:2224 Critical: keylime security update
Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution. Security Fixes: keylime: Keylime: Authentication bypass allows unauthorized administrative operations due to missing client-side TLS authentication CVE-2026-1709 For more details about the...
Exploit for Improper Certificate Validation in Apache Http_Server
Uefiscdi-Gov-Ro-Vulnerability- UNTESTED PAYLOADS, WAF-BYPASS,...
Exploit for Use of Client-Side Authentication in Necta Wifi_Mouse_Server
Paso 1 — Crear un payload REAL Windows msfvenom -p windows/x6...
CVE-2025-61940 Mirion Medical EC2 Software NMIS BioDose Use of Client-Side Authentication
NMIS/BioDose V22.02 and previous versions rely on a common SQL Server user account to access data in the database. User access in the client application is restricted by a password authentication check in the client software but the underlying database connection always has access. The latest...
CVE-2025-61940
NMIS/BioDose (versions before V22.02) uses a common SQL Server user account for database access, while the client app performs password authentication but the underlying DB connection maintains access. The latest release adds Windows authentication to the database, which would restrict the connec...
CVE-2025-12868
New Site Server developed by CyberTutor has a Use of Client-Side Authentication vulnerability, allowing unauthenticated remote attackers to modify the frontend code to gain administrator privileges on the website...
CVE-2025-12868
New Site Server developed by CyberTutor has a Use of Client-Side Authentication vulnerability, allowing unauthenticated remote attackers to modify the frontend code to gain administrator privileges on the website...
CVE-2025-12868
CVE-2025-12868 : The vulnerability affects CyberTutor’s New Site Server. Affected component is the client-side authentication mechanism, where unauthenticated remote attackers can modify frontend code and potentially gain administrator privileges on the website. Documented impact includes full ad...
CVE-2025-12868 CyberTutor|New Site Server - Use of Client-Side Authentication
New Site Server developed by CyberTutor has a Use of Client-Side Authentication vulnerability, allowing unauthenticated remote attackers to modify the frontend code to gain administrator privileges on the website...
CVE-2025-12868 CyberTutor|New Site Server - Use of Client-Side Authentication
New Site Server developed by CyberTutor has a Use of Client-Side Authentication vulnerability, allowing unauthenticated remote attackers to modify the frontend code to gain administrator privileges on the website...
EUVD-2025-41750
New Site Server developed by CyberTutor has a Use of Client-Side Authentication vulnerability, allowing unauthenticated remote attackers to modify the frontend code to gain administrator privileges on the website...
CyberTutor New Site Server 安全漏洞
CyberTutor New Site Server is a website builder system from CyberTutor, a Taiwan, China-based company. A security vulnerability exists in CyberTutor New Site Server that stems from the use of client-side authentication, which could allow an unauthenticated remote attacker to modify the front-end...
PT-2025-45594
Name of the Vulnerable Software and Affected Versions New Site Server affected versions not specified Description New Site Server, developed by CyberTutor, is affected by a Use of Client-Side Authentication issue. This allows unauthenticated remote attackers to modify the frontend code, potential...
CVE-2025-62650
The Restaurant Brands International RBI assistant platform through 2025-09-06 relies on client-side authentication for use of the diagnostic screen...
CVE-2025-62649
The Restaurant Brands International RBI assistant platform through 2025-09-06 relies on client-side authentication for submission of equipment orders...
CVE-2025-62650
The Restaurant Brands International RBI assistant platform through 2025-09-06 relies on client-side authentication for use of the diagnostic screen...
CVE-2025-62650
The Restaurant Brands International RBI assistant platform through 2025-09-06 relies on client-side authentication for use of the diagnostic screen...