The vulnerability of the Ruijie EG-2000SE switch’s microprogramming software lies in the fact that passwords are stored in an open manner, allowing attackers to reset the passwords.

The vulnerability of the Ruijie EG-2000SE switch’s microprogramming software lies in the fact that passwords are stored in an open manner at /data/config.text. Exploiting this vulnerability allows a malicious actor to remotely reset the passwords...

CVE-2022-24387

With administrator or admin privileges the application can be tricked into overwriting files in appdata/Config folder, e.g. the systemsettings.xml file. THis is possible in SmarterTrack v100.0.8019.14010...

SmarterTools SmarterTrack 代码问题漏洞

SmarterTools SmarterTrack is a customer service software from SmarterTools UK. It improves customer service and reduces support costs. SmarterTools SmarterTrack 100.0.8019.14010 A security vulnerability exists where an application using administrator or administrator privileges could be tricked...

DEBIAN-CVE-2019-0193

In Apache Solr, the DataImportHandler, an optional but popular module to pull in data from databases and other sources, has a feature in which the whole DIH configuration can come from a request's "dataConfig" parameter. The debug mode of the DIH admin screen uses this to allow convenient debuggi...

LinkEx 20120508 /data/config/config远程密码修改漏洞

LinkEx帮助您管理您的硬盘链接交换。 LinkEx中，在用户提交重置密码请求后会将验证身份用的key存放在/data/config/config文件中，如果没有响应的访问控制，恶意攻击者可以直接获取key，重置管理员账号密码进入后台。 0 LinkEx 20120508 目前没有详细解决方案： http://linkex.dk/...

LinkEx 20120508 /data/config/config 远程密码修改漏洞

No description provided by source...