344 matches found
CVE-2023-33854
IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, and 5.3 could allow an authenticated user to bypass client-side validation and manipulate input data using man in the middle techniques...
CVE-2023-33854
IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data are affected (versions 4.8, 5.0, 5.1, 5.2, 5.3). The issue allows an authenticated user to bypass client-side validation and manipulate input data via man-in-the-middle techniques. Underlying impact is HIGH for integrity, with ...
motionEye 0.43.1b4 - RCE
Exploit Title: motionEye 0.43.1b4 - RCE Exploit PoC: motionEye RCE via client-side validation bypass safe PoC Filename: motioneyercepocedb.txt Author: prabhatverma47 Date tested: 2025-05-14 original test; prepared for submission: 2025-10-11 Affected Versions: motionEye = 0.43.1b4 Tested on: Debia...
📄 motionEye 0.43.1b4 Remote Code Execution
Client-side validation in motionEye's web UI can be bypassed via overriding the JS validation function. Arbitrary values including shell interpolation syntax can be saved into the motion config. When motion is restarted, the motion process interprets the config and can execute shell syntax embedd...
CVE-2025-61546
There is an issue on the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 fixed in 19.69 that enables remote attacker to create financial discrepancies by purchasing items with a negative quantity. This vulnerability is possible d...
CVE-2025-61546
There is an issue on the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 fixed in 19.69 that enables remote attacker to create financial discrepancies by purchasing items with a negative quantity. This vulnerability is possible d...
CVE-2025-61546
There is an issue on the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 fixed in 19.69 that enables remote attacker to create financial discrepancies by purchasing items with a negative quantity. This vulnerability is possible d...
CVE-2025-61546
There is an issue on the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 fixed in 19.69 that enables remote attacker to create financial discrepancies by purchasing items with a negative quantity. This vulnerability is possible d...
edu Business Solutions Print Shop Pro WebDesk 安全漏洞
edu Business Solutions Print Shop Pro WebDesk is a print order management system from US-based edu Business Solutions. A security vulnerability exists in edu Business Solutions Print Shop Pro WebDesk version 18.34, which stems from insufficient validation of client-side inputs and could lead to a...
CVE-2025-61546
CVE-2025-61546 affects edu Business Solutions Print Shop Pro WebDesk 18.34. The issue is in the GetUnitPrice API at /PSP/appNET/Store/CartV12.aspx, caused by reliance on client-side input validation, allowing a remote attacker to create financial discrepancies by purchasing items with a negative ...
PT-2026-1827
Name of the Vulnerable Software and Affected Versions edu Business Solutions Print Shop Pro WebDesk version 18.34 Description A flaw exists in the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice API endpoint that allows a remote attacker to create financial discrepancies. This is possible by purchasi...
CVE-2019-25235 Smartwares HOME easy 1.0.9 Client-Side Authentication Bypass via Web Pages
Smartwares HOME easy 1.0.9 contains an authentication bypass vulnerability that allows unauthenticated attackers to access administrative web pages by disabling JavaScript. Attackers can navigate to multiple administrative endpoints and to bypass client-side validation and access sensitive system...
CVE-2019-25235 Smartwares HOME easy 1.0.9 Client-Side Authentication Bypass via Web Pages
Smartwares HOME easy 1.0.9 contains an authentication bypass vulnerability that allows unauthenticated attackers to access administrative web pages by disabling JavaScript. Attackers can navigate to multiple administrative endpoints and to bypass client-side validation and access sensitive system...
CVE-2019-25235
The CVE-2019-25235 entry concerns Smartwares HOME easy 1.0.9, where an authentication bypass vulnerability allows unauthenticated attackers to access administrative web pages by disabling JavaScript. This enables navigation to multiple administrative endpoints and bypass of client-side validation...
EUVD-2018-18648
Malware in sbrugna...
EUVD-2018-4658
Malware in sbrugna...
EUVD-2013-1285
Malware in sbrugna...
EUVD-2021-11247
Malware in sbrugna...
EUVD-2021-16273
Malware in sbrugna...
EUVD-2015-4645
Malware in sbrugna...