55 matches found
EUVD-2026-28950
A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. This affects the function doAction of the component RMI Interface. The manipulation of the argument sessionId results in improper authentication. It is possible to launch the attack remotely. The exploit has been ma...
CVE-2026-8216
A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This issue affects the function iasServerRemoteInterface.doAction of the component Java RMI Session Management. Such manipulation leads to improper authentication. The attack can be launched remotely. The vendo...
CVE-2026-8216 Industrial Application Software IAS Canias ERP Java RMI Session Management iasServerRemoteInterface.doAction improper authentication
A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This issue affects the function iasServerRemoteInterface.doAction of the component Java RMI Session Management. Such manipulation leads to improper authentication. The attack can be launched remotely. The vendo...
CVE-2026-8214
A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. This affects the function doAction of the component RMI Interface. The manipulation of the argument sessionId results in improper authentication. It is possible to launch the attack remotely. The exploit has been ma...
CVE-2026-8214 Industrial Application Software IAS Canias ERP RMI doAction improper authentication
A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. This affects the function doAction of the component RMI Interface. The manipulation of the argument sessionId results in improper authentication. It is possible to launch the attack remotely. The exploit has been ma...
PT-2026-39466
A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. The impacted element is the function doAction of the component Login RMI Interface. Performing a manipulation results in observable response discrepancy. The attack is possible to be carried out remotely. A high...
Canias ERP 安全漏洞
Canias ERP is a comprehensive management system developed by the Swiss company Canias, covering enterprise resource planning and business process management. Version 8.03 of Canias ERP contains a security vulnerability. This vulnerability stems from observed differences in the response of the...
Canias ERP 授权问题漏洞
Canias ERP is a comprehensive management system developed by the Swiss company Canias, covering enterprise resource planning and business process management. Version 8.03 of Canias ERP contains an authorization vulnerability; this vulnerability stems from the function...
Exploit for CVE-2024-54820
Vulnerability: Unauthenticated SQL Injection - Clear Credentia...
PT-2024-14329 · Yonbip · Yonbip
Name of the Vulnerable Software and Affected Versions: YonBIP version 3 23.05 Description: An arbitrary file upload vulnerability in the doAction method of nccloud.web.arcp.taskmonitor.action.ArcpUploadAction allows attackers to execute arbitrary code via uploading a crafted file. Recommendations...
WordPress: PII of users can be downloaded from export pages
Sensitive personally identifiable information PII of users, including their name, email, phone number, role, and organization, was exposed on the https://doaction.org/ website. The PII was found in CSV files that could be downloaded from various endpoints on the website, which could be enumerated...
CVE-2019-12362
EmpireCMS 7.5.0 has XSS via the HTTP Referer header to e/member/doaction.php...
CVE-2019-7648
controller/fetchpwd.php and controller/doAction.php in HotelsServer through 2018-11-05 rely on base64 in an attempt to protect password storage...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Pivot 1.40.4 and 1.40.7 allow remote attackers to inject arbitrary web script or HTML via the 1 menu or 2 sort parameter to pivot/index.php, 3 the value of a check array parameter in a delete action to pivot/index.php, 4 the element name in a...
CVE-2009-2133
Multiple cross-site scripting XSS vulnerabilities in Pivot 1.40.4 and 1.40.7 allow remote attackers to inject arbitrary web script or HTML via the 1 menu or 2 sort parameter to pivot/index.php, 3 the value of a check array parameter in a delete action to pivot/index.php, 4 the element name in a...