EUVD-2023-60216

UliCMS 2023.1 contains an authentication bypass vulnerability that allows unauthenticated attackers to create admin users through mass assignment in the UserController. Attackers can send a crafted POST request to the admin index.php endpoint with specific parameters to generate an administrative...

The vulnerability of the CAS server of General Bytes Crypto Application Server, related to the manipulation of inter-site requests, allows a hacker to create a user with admin privileges and modify any data on the server at will.

The vulnerability of the CAS server of General Bytes Crypto Application Server is related to the manipulation of inter-site requests. Exploiting this vulnerability allows a malicious actor to create a user with admin privileges and modify any data on the server at will...

Vulnerability of Microsoft Office software, which allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information

A vulnerability that allows for remote execution of code exists in Microsoft Office and is related to the processing of certain properties of Microsoft Word files. If a user with administrative privileges accesses the system, a malicious individual can gain full control over the system. They can...