200 matches found
CVE-2022-1551
The SP Project & Document Manager WordPress plugin before 4.58 uses an easily guessable path to store user files, bad actors could use that to access other users' sensitive files...
Information Disclosure
notebook is vulnerable to information disclosure. Authenticated attackers are able to access sensitive files, when the server root directory's only protection from the server is being hidden. The issue is there because the requests directed through ContentsManager.allowhidden = False command only...
CVE-2022-28892
Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0 is vulnerable to Cross Site Request Forgery CSRF because randomly generated tokens are too easily guessable...
Mahara 跨站请求伪造漏洞
Mahara is a free and open source web-based ePortfolio management system from Mahara. Mahara suffers from a security vulnerability that stems from randomly generated tokens that are too easy to guess and are susceptible to cross-site request forgery CSRF attacks. The following products and version...
VikBooking Hotel Booking Engine & PMS < 1.5.4 - Booking Data Disclosure
The plugin has guessable booking IDs, which could allow attackers to retrieve booking data via an IDOR in the search request...
GHSA-Q24H-5RQ3-63J9 Incorrect Authorization in @uppy/companion
@uppy/companion prior to version 3.3.1 is vulnerable to incorrect authorization. A user with URL upload access could enumerate internal companion server networks, send local webservers files to the destination server, and finally download them If each of these files had a guessable and regular na...
Incorrect Authorization in @uppy/companion
@uppy/companion prior to version 3.3.1 is vulnerable to incorrect authorization. A user with URL upload access could enumerate internal companion server networks, send local webservers files to the destination server, and finally download them If each of these files had a guessable and regular na...
PT-2022-13242 · Unknown +1 · @Uppy/Companion +1
Name of the Vulnerable Software and Affected Versions: uppy versions prior to 3.3.1 @uppy/companion versions prior to 3.3.1 Description: The issue allows for exposure of sensitive information to an unauthorized actor. It also enables incorrect authorization, where a user with URL upload access...
DEBIAN-CVE-2021-43808
Laravel is a web application framework. Laravel prior to versions 8.75.0, 7.30.6, and 6.20.42 contain a possible cross-site scripting XSS vulnerability in the Blade templating engine. A broken HTML element may be clicked and the user taken to another location in their browser due to XSS. This is...
in kcal-app/kcal
Description Weak password implementation Proof of Concept step 1: login into account goto http://demo.kcal.cooking/users/kcal/edit step 2: change password kcal to 12 and save changes step 3: we can see updated message application is allowing to set weak password. poc of image in below link...
in babybuddy/babybuddy
Description Weak password implementation Proof of Concept step 1: login into account step 2: goto settings http://demo.baby-buddy.net/user/password/ step 3: change password admin to 12 and save changes step 4: we can see updated message application is allowing to set weak password. poc of image i...
Vulnerability in the Kaspersky Password Manager
A vulnerability just patched in the random number generator used in the Kaspersky Password Manager resulted in easily guessable passwords: The password generator included in Kaspersky Password Manager had several problems. The most critical one is that it used a PRNG not suited for cryptographic...
CVE-2020-11719
An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below. It relies on broken encryption with a weak and guessable static encryption key...
CVE-2020-11719
An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below. It relies on broken encryption with a weak and guessable static encryption key...
EdgeSwitch Command Injection Vulnerability
EdgeSwitch is a poe Gigabit switch from Ubiquiti Networks Ubiquiti Express and is part of the EdgeMAX series. A command injection vulnerability exists in EdgeSwitch versions prior to 1.9.1. The vulnerability stems from a guessable SIDSSL cookie in the administrator web interface of an older versi...
bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c
An assertion failure was found in BIND, which checks the validity of messages containing TSIG resource records. This flaw allows an attacker that knows or successfully guesses the name of the TSIG key used by the server to use a specially-crafted message, potentially causing a BIND server to reac...
bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c
An assertion failure was found in BIND, which checks the validity of messages containing TSIG resource records. This flaw allows an attacker that knows or successfully guesses the name of the TSIG key used by the server to use a specially-crafted message, potentially causing a BIND server to reac...
bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c
An assertion failure was found in BIND, which checks the validity of messages containing TSIG resource records. This flaw allows an attacker that knows or successfully guesses the name of the TSIG key used by the server to use a specially-crafted message, potentially causing a BIND server to reac...
bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c
An assertion failure was found in BIND, which checks the validity of messages containing TSIG resource records. This flaw allows an attacker that knows or successfully guesses the name of the TSIG key used by the server to use a specially-crafted message, potentially causing a BIND server to reac...
CVE-2020-14070
An issue was discovered in MK-AUTH 19.01. There is authentication bypass in the web login functionality because guessable credentials to admin/executarlogin.php result in admin access...