11 matches found
PT-2026-21781
Name of the Vulnerable Software and Affected Versions Genetec Update Service affected versions not specified Description A local administrator may be able to obtain information from the Genetec Update Service configuration web page. An authenticated Windows user with administrator privileges coul...
EUVD-2021-10771
Malware in sbrugna...
PT-2025-23783
Name of the Vulnerable Software and Affected Versions EIBPORT V3 KNX versions 3.9.8 and earlier EIBPORT V3 KNX GSM versions 3.9.8 and earlier Description This issue allows a successful attacker to gain unauthorized access to a configuration web page delivered by the integrated web server of...
CVE-2021-23845
This vulnerability could allow an attacker to hijack a session while a user is logged in the configuration web page. This vulnerability was discovered by a security researcher in B426 and found during internal product tests in B426-CN/B429-CN, and B426-M and has been fixed already starting from...
Design/Logic Flaw
This vulnerability could allow an attacker to hijack a session while a user is logged in the configuration web page. This vulnerability was discovered by a security researcher in B426 and found during internal product tests in B426-CN/B429-CN, and B426-M and has been fixed already starting from...
CVE-2021-23845 B426 Web Configuration Authentication Bypass
This vulnerability could allow an attacker to hijack a session while a user is logged in the configuration web page. This vulnerability was discovered by a security researcher in B426 and found during internal product tests in B426-CN/B429-CN, and B426-M and has been fixed already starting from...
CVE-2012-1838
CVE-2012-1838 affects the LG-Nortel ELO GS24M switch. The web management interface allows remote attackers to bypass authentication and access cleartext credentials and configuration information by directly requesting a configuration web page. This is reflected in the NVD entry (base score 5.0, C...
CVE-2006-4661
AOL ICQ Toolbar 1.3 for Internet Explorer toolbaru.dll does not properly validate the origin of the configuration web page options2.html, which allows user-assisted remote attackers to provide a web page that contains disguised checkboxes that trick the user into reconfiguring the toolbar...
Default credentials
Oi! Email Marketing System 3.0 aka Oi! 3 stores the server's FTP password in cleartext on a Configuration web page, which allows local users with superadministrator privileges, or attackers who have obtained access to the web page, to view the password...
CVE-2006-0920
Oi! Email Marketing System 3.0 aka Oi! 3 stores the server's FTP password in cleartext on a Configuration web page, which allows local users with superadministrator privileges, or attackers who have obtained access to the web page, to view the password...
CVE-2006-0920
Oi! Email Marketing System 3.0 aka Oi! 3 stores the server's FTP password in cleartext on a Configuration web page, which allows local users with superadministrator privileges, or attackers who have obtained access to the web page, to view the password...