CVE-2009-4765

CNR Hikaye Portal 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/hikaye.mdb...

EUVD-2009-4728

Malware in sbrugna...

CLSA-2024-1728297376 kernel: Fix of 13 CVEs

btrfs: fix use-after-free after failure to create a snapshot CVE-2022-48733 - hwmon: nct6775-core Fix underflows seen when writing limit attributes CVE-2024-46757 - wifi: mac80211: Avoid address calculations via out of bounds array indexing CVE-2024-41071 - netfilter: conntrack: dccp: copy entire...

CVE-2021-4439

In the Linux kernel, the following vulnerability has been resolved: isdn: cpai: check ctr-cnr to avoid array index out of bound The cmtpaddconnection would add a cmtp session to a controller and run a kernel thread to process cmtp. modulegetTHISMODULE; session-task = kthreadruncmtpsession, sessio...

CVE-2021-4439 isdn: cpai: check ctr->cnr to avoid array index out of bound

In the Linux kernel, the following vulnerability has been resolved: isdn: cpai: check ctr-cnr to avoid array index out of bound The cmtpaddconnection would add a cmtp session to a controller and run a kernel thread to process cmtp. modulegetTHISMODULE; session-task = kthreadruncmtpsession, sessio...

Zyxel CloudCNM SecuManager 安全漏洞

Zyxel CloudCNM SecuManager is a set of network management software from China Hopkins Zyxel. The software supports centralized control, device management and intelligent monitoring. A security vulnerability exists in Zyxel CloudCNM SecuManager version 3.1.0 and 3.1.1, which is caused by a GET...

Malicious code in fed-cnr-pagelet (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware abff6acba0d7dfda3ce1407c7c9c994815e4463231fdf7d069691c3dc0e12c38 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

laral.istc.cnr.it Cross Site Scripting vulnerability OBB-2644426

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

minerva.ic.cnr.it Cross Site Scripting vulnerability OBB-2379381

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

votazioni.cnr.it Cross Site Scripting vulnerability OBB-1455355

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

ZyXEL CloudCNM SecuManager Access Control Error Vulnerability

ZyXEL CloudCNM SecuManager is a set of network management software from Taiwan, China-based ZyXEL. The software supports centralized control, device management and intelligent monitoring. A security vulnerability exists in ZyXEL CloudCNM SecuManager version 3.1.0 and 3.1.1, which stems from the...

Authentication flaw

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has no authentication for /cnr requests...

CVE-2020-15336

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has no authentication for /cnr requests...

greyguiderep.isti.cnr.it Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1142352 Security Researcher g0bl1nsec Helped patch 3754 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting greyguiderep.isti.cnr.it...

urp.cnr.it XSS vulnerability

Open Bug Bounty ID: OBB-699090 Description| Value ---|--- Affected Website:| urp.cnr.it Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Open Upload 3.6.28 Cross site Scripting

======================================================================== | Title : Openupload 3.6.28 Xss vulnerability | Author : indoushka | email : [email protected] | Tested on : windows 10 FranASSais V.Pro | Version : 3.6.28 | Vendor : http://wmscripti.com/ | Dork : open upload - login...

cnr-dz.com XSS vulnerability

Open Bug Bounty ID: OBB-213898 Description| Value ---|--- Affected Website:| cnr-dz.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Improper access control

CNR Hikaye Portal 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/hikaye.mdb...

CVE-2009-4765

CNR Hikaye Portal 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/hikaye.mdb...

CVE-2009-4765

CVE-2009-4765 affects CNR Hikaye Portal 2.0. The issue is insufficient access control allowing remote attackers to download the database by requesting db/hikaye.mdb from the web root. Connected documents corroborate the same description across Red Hat and NVD sources. No explicit exploit details,...