4 matches found
CVE-2025-64281
An Authentication Bypass issue in CentralSquare Community Development 19.5.7 allows attackers to access the admin panel without admin credentials...
acme.sh 安全漏洞
acme.sh is a scripting tool in the acme.sh open source. A security vulnerability exists in versions of acme.sh prior to 40b6db6, which stems from a missing persist-credentials: false configuration in the github/workflows/dockerhub.yml file on which the Docker image is based...
Referrer spoofing bug
Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when generating the HTTP Referer header, does not list the entire URL when it contains Basic Authentication credentials without a username, which makes it easier for remote attackers to bypass application protection mechanisms that rely ...
CVE-2007-4240
The checklogout function in class/auth.php in Help Center Live hcl 2.1.3a sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to delete administrative users and have other unspecified impact via certain requests to 1...