CVE-2026-41317

Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service SaaS.press.api.account.createapisecret is prone to CSRF-like exploits. This endpoint writes to database and it is also accessible via GET method. The patch in commit...

TP-LINK TL-SG108E 安全漏洞

TP-LINK TL-SG108E is a smart switch from China P&L TP-LINK. A security vulnerability exists in TP-Link TL-SG108E version 1.0.0 Build 20201208 Rel.40304, which stems from a parameter username/password in the file /usraccountset.cgi that can lead to the use of get request methods with sensitive que...

CVE-2018-15433

A vulnerability in the server backup function of Cisco Prime Infrastructure could allow an authenticated, remote attacker to view sensitive information. The vulnerability is due to the transmission of sensitive information as part of a GET request. An attacker could exploit this vulnerability by...

CVE-2017-6778

A vulnerability in the Elastic Services Controller ESC web interface of the Cisco Ultra Services Platform could allow an authenticated, remote attacker to acquire sensitive information. The vulnerability is due to the transmission of sensitive information as part of a GET request. An attacker cou...