6 matches found
CVE-2024-50618
A Use of Single-factor Authentication vulnerability in the Authentication component of CIPPlanner CIPAce before 9.17 allows attackers to bypass a protection mechanism. When the system is configured to allow login with internal accounts, an attacker can possibly obtain full authentication if the...
CVE-2023-26829
An authentication bypass vulnerability in the Password Reset component of Gladinet CentreStack before 13.5.9808 allows remote attackers to set a new password for any valid user account, without needing the previous known password, resulting in a full authentication bypass...
SPA Cart CMS 2021 SQL Injection
Document Title: SPA Cart CMS - Multiple SQL Injection Web Vulnerabilities
References (Source): https://www.vulnerability-lab.com/getcontent.php?id=2304
Release Date: 2021-10-18
Vulnerability Laboratory ID (VL-ID): ...
Huawei Backup App v6.30.52.12.L - Session Vulnerability
Document Title: Huawei Backup App v6.30.52.12.L - Session Vulnerability
References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1815
Video: https://www.vulnerability-lab.com/getcontent.php?id=1987
Release Date: 2018-07-30...
telering.at XSS vulnerability
Open Bug Bounty ID: OBB-600290
Affected Website: telering.at
Vulnerable Application: Custom Code
Vulnerability Type: XSS Cross Site Scripting / CWE-79
CVSSv3 Score: 6.1...
USN-2591-1 curl vulnerabilities
Paras Sethia discovered that curl could incorrectly re-use NTLM HTTP credentials when subsequently connecting to the same host over HTTP. (CVE-2015-3143) Hanno Böck discovered that curl incorrectly handled zero-length host names. If a user or automated system were tricked into using a specially...