27 matches found
PT-2026-33919
The Responsive Blocks – Page Builder for Blocks & Patterns plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 2.2.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticat...
EUVD-2013-5311
Malware in sbrugna...
CVE-2025-8424
Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway when an attacker can get access to the appliance NSIP, Cluster Management IP or local GSLB Site IP or SNIP with Management Access...
BIT-MOODLE-2024-43435 Moodle: can create global glossary without being admin
A flaw was found in moodle. Insufficient capability checks make it possible for users with access to restore glossaries in courses to restore them into the global site glossary...
GHSA-4GQ2-X5W4-7HP8 Moodle has insufficient capability checks
A flaw was found in moodle. Insufficient capability checks make it possible for users with access to restore glossaries in courses to restore them into the global site glossary...
Moodle has insufficient capability checks
A flaw was found in moodle. Insufficient capability checks make it possible for users with access to restore glossaries in courses to restore them into the global site glossary...
UBUNTU-CVE-2024-43435
A flaw was found in moodle. Insufficient capability checks make it possible for users with access to restore glossaries in courses to restore them into the global site glossary...
Improper Privilege Management
Overview moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Improper Privilege Management due to insufficient capability checks in the process of restoring glossaries which allows an attacker to restore glossaries in courses into the global site glossary...
CVE-2024-22212
Nextcloud Global Site Selector is a tool which allows you to run multiple small Nextcloud instances and redirect users to the right server. A problem in the password verification method allows an attacker to authenticate as another user. It is recommended that the Nextcloud Global Site Selector i...
Design/Logic Flaw
Nextcloud Global Site Selector is a tool which allows you to run multiple small Nextcloud instances and redirect users to the right server. A problem in the password verification method allows an attacker to authenticate as another user. It is recommended that the Nextcloud Global Site Selector i...
CVE-2024-22212
CVE-2024-22212 concerns the Nextcloud Global Site Selector, where a flaw in the password verification method allows an attacker to authenticate as another user. Affected versions require upgrades to 1.4.1, 2.1.2, 2.3.4, or 2.4.5; no public workarounds are noted in the provided documents. There ar...
CVE-2024-22212 Nextcloud global site selector authentication bypass
Nextcloud Global Site Selector is a tool which allows you to run multiple small Nextcloud instances and redirect users to the right server. A problem in the password verification method allows an attacker to authenticate as another user. It is recommended that the Nextcloud Global Site Selector i...
CVE-2024-22212 Nextcloud global site selector authentication bypass
Nextcloud Global Site Selector is a tool which allows you to run multiple small Nextcloud instances and redirect users to the right server. A problem in the password verification method allows an attacker to authenticate as another user. It is recommended that the Nextcloud Global Site Selector i...
PT-2024-19279 · Nextcloud · Nextcloud Global Site Selector
Name of the Vulnerable Software and Affected Versions: Nextcloud Global Site Selector versions prior to 1.4.1 Nextcloud Global Site Selector versions prior to 2.1.2 Nextcloud Global Site Selector versions prior to 2.3.4 Nextcloud Global Site Selector versions prior to 2.4.5 Description: The...
Nextcloud Access Control Error Vulnerability
Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. An access control error vulnerability exists in Nextcloud Global Site Selector, which stems from a security flaw in the password authentication method that...
Nextcloud: Authentication bypass in Global Site Selector allows an attacker to log in as any user
Authentication bypass vulnerability in software allowed attacker to bypass authentication and log in as any user...
OneView updates: Dive into Report 2.0 & the new Global Site Filter
Were rolling out two new features to enhance usability in OneView, our multi-tenant platform for Managed Service Providers: Report 2.0 and the Global Site Filter. Heres what you need to know: Report 2.0: Improved Reporting in OneView Report 2.0 offers a more streamlined approach to reporting with...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the web framework in Cisco Global Site Selector GSS allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuh42164...
CVE-2013-5471
Cross-site request forgery CSRF vulnerability in the web framework in Cisco Global Site Selector GSS allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuh42164...
Cisco Global Site Selector Appliances DNS Vulnerability (cisco-sa-20090107-gss)
The remote Cisco Application Control Engine Global Site Selector GSS contains a denial of service DoS issue when processing specific Domain Name System DNS requests. TRUSTED...