Cisco Duo Authentication Proxy Information Disclosure Vulnerability

A vulnerability in the debug logging function of Cisco Duo Authentication Proxy could allow an authenticated, high-privileged, remote attacker to view sensitive information in a system log file. This vulnerability is due to insufficient masking of sensitive information before it is written to...

CVE-2023-1337

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the clearuucsslogs function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to delete...

WordPress Plugin WPCode Lite 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

CVE-2022-29883

A vulnerability has been identified in SICAM T All versions V3.0. Affected devices do not restrict unauthenticated access to certain pages of the web interface. This could allow an attacker to delete log files without authentication...

NukeViet VMS 4.4.00 Cross Site Request Forgery

Exploit Title: NukeViet VMS 4.4.00 - Cross-Site Request Forgery Change Admin Password Date: 2020-05-18 Exploit Author: JEBARAJ Vendor Homepage: https://nukeviet.vn/ Software Link: https://github.com/nukeviet/nukeviet/releases/download/4.4.00/nukeviet4.4.00setup.zip Version: 4.4.00 Tested on:...