22 matches found
CVE-2025-64995
A privilege escalation vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Exchange-NomadClientHealth-ConfigureGeneralSetting instruction prior V3.4. Improper protection of the execution path on the local device allows attackers, with local access to the devic...
CVE-2025-64995
A privilege escalation vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Exchange-NomadClientHealth-ConfigureGeneralSetting instruction prior V3.4. Improper protection of the execution path on the local device allows attackers, with local access to the devic...
CVE-2025-64995
A privilege escalation vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Exchange-NomadClientHealth-ConfigureGeneralSetting instruction prior V3.4. Improper protection of the execution path on the local device allows attackers, with local access to the devic...
CVE-2025-64995 Privilege Escalation via Process Hijacking in 1E-Exchange-NomadClientHealth-ConfigureGeneralSetting instruction
A privilege escalation vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Exchange-NomadClientHealth-ConfigureGeneralSetting instruction prior V3.4. Improper protection of the execution path on the local device allows attackers, with local access to the devic...
CVE-2025-64995 Privilege Escalation via Process Hijacking in 1E-Exchange-NomadClientHealth-ConfigureGeneralSetting instruction
A privilege escalation vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Exchange-NomadClientHealth-ConfigureGeneralSetting instruction prior V3.4. Improper protection of the execution path on the local device allows attackers, with local access to the devic...
CVE-2025-64995
CVE-2025-64995 affects TeamViewer DEX (formerly 1E DEX). The vulnerability is a privilege-escalation in the 1E-Exchange-NomadClientHealth-ConfigureGeneralSetting instruction prior to version 3.4, caused by improper protection of the execution path on the local device. This issue could allow an at...
EUVD-2025-202669
A privilege escalation vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Exchange-NomadClientHealth-ConfigureGeneralSetting instruction prior V3.4. Improper protection of the execution path on the local device allows attackers, with local access to the devic...
CVE-2025-64995
A privilege escalation vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Exchange-NomadClientHealth-ConfigureGeneralSetting instruction prior V3.4. Improper protection of the execution path on the local device allows attackers, with local access to the devic...
EUVD-2025-16590
Malicious code in bioql PyPI...
CVE-2025-5423
A vulnerability has been found in juzaweb CMS up to 3.4.2 and classified as critical. This vulnerability affects unknown code of the file /admin-cp/setting/system/general of the component General Setting Page. The manipulation leads to improper access controls. The attack can be initiated remotel...
CVE-2025-5423
Juzaweb CMS up to version 3.4.2 has a vulnerability in the General Setting Page at /admin-cp/setting/system/general. The issue is improper access controls, enabling remote exploitation and is publicly disclosed. Vendor did not respond. As a temporary mitigation, PT-2025-23446 recommends restricti...
CVE-2025-5423 juzaweb CMS General Setting Page general access control
A vulnerability has been found in juzaweb CMS up to 3.4.2 and classified as critical. This vulnerability affects unknown code of the file /admin-cp/setting/system/general of the component General Setting Page. The manipulation leads to improper access controls. The attack can be initiated remotel...
CVE-2025-5423 juzaweb CMS General Setting Page general access control
A vulnerability has been found in juzaweb CMS up to 3.4.2 and classified as critical. This vulnerability affects unknown code of the file /admin-cp/setting/system/general of the component General Setting Page. The manipulation leads to improper access controls. The attack can be initiated remotel...
Campcodes Legal Case Management System 代码问题漏洞
Campcodes Legal Case Management System is a legal case management system from Campcodes, Inc. A code issue vulnerability exists in Campcodes Legal Case Management System version 1.0, which stems from a vulnerability in the /admin/general-setting file...
HTMLy Version v2.9.6 - Stored XSS Vulnerability
Exploit Title: HTMLy Version v2.9.6 - Stored XSS Exploit Author: tmrswrr Vendor Homepage: https://www.htmly.com/ Version 3.10.8.21 Date : 04/08/2024 1 Login admin https://127.0.0.1/HTMLy/admin/config 2 General Setting Blog title " 3 After save it you will be see XSS alert...
HTMLy 2.9.6 Cross Site Scripting
Exploit Title: HTMLy Version : 2.9.6 - Stored XSS Exploit Author: tmrswrr Vendor Homepage: https://www.htmly.com/ Version 3.10.8.21 Date : 04/08/2024 1 Login admin https://127.0.0.1/HTMLy/admin/config 2 General Setting Blog title " 3 After save it you will be see xss alert...
CVE-2024-24506
Cross Site Scripting XSS vulnerability in Lime Survey Community Edition Version v.5.3.32+220817, allows remote attackers to execute arbitrary code via the Administrator email address parameter in the General Setting function...
CVE-2024-24506
Cross Site Scripting XSS vulnerability in Lime Survey Community Edition Version v.5.3.32+220817, allows remote attackers to execute arbitrary code via the Administrator email address parameter in the General Setting function...
CVE-2024-24506
LimeSurvey Community Edition 5.3.32+220817 contains a Cross-Site Scripting (XSS) vulnerability in the General Setting function via the Administrator email address parameter. Exploitation can allow remote execution of scripts in a victim’s browser, potentially enabling session/cookie theft or cred...
PT-2024-20426
Name of the Vulnerable Software and Affected Versions Lime Survey Community Edition version v.5.3.32+220817 Description A Cross Site Scripting XSS issue allows remote attackers to execute arbitrary code via the Administrator email address parameter in the General Setting function. This enables...