CVE-2018-25420

AiOPMSD Final 1.0.0 contains an SQL injection in watch.php where the id parameter can be crafted via GET requests to execute arbitrary SQL. The vulnerability allows unauthenticated attackers to extract sensitive data, including usernames, database names, and version details. Affected component is...

CVE-2020-37115

GUnet OpenEclass 1.7.3 stores user credentials in plaintext, allowing administrators to view all registered users' usernames and passwords without encryption. This vulnerability exposes sensitive information and increases the risk of credential theft and unauthorized access...

PTZOptics PT30X-SDI/NDI-xx 安全漏洞

PTZOptics PT30X-SDI/NDI-xx is a series of HD cameras from PTZOptics. A security vulnerability exists in PTZOptics PT30X-SDI/NDI-xx versions prior to 6.3.40 that stems from insufficient authentication. An attacker exploiting this vulnerability could disclose sensitive data such as usernames,...

CVE-2017-3764

A vulnerability was identified in Lenovo XClarity Administrator LXCA before 1.4.0 where LXCA user account names may be exposed to unauthenticated users with access to the LXCA web user interface. No password information of the user accounts is exposed...