5 matches found
GHSA-3W9F-2PPH-J5VC com.xwiki.confluencepro:application-confluence-migrator-pro-ui's application homepage is public
Impact The homepage of the application is public which enables a guest to download the package which might contain sensitive information. Patches 1.11.7 Workarounds The access to the page can be manually restricted to a specific set of users or groups...
CVE-2024-48057
localai =2.20.1 is vulnerable to Cross Site Scripting XSS. When calling the delete model API and passing inappropriate parameters, it can cause a one-time storage XSS, which will trigger the payload when a user accesses the homepage...
FiberHome VDSL2 Modem HG 150-UB - Authentication Bypass
FiberHome VDSL2 Modem HG 150-UB - Authentication Bypass Exploit Title: FiberHome VDSL2 Modem HG 150-UB Authentication Bypass Date: 04/03/2018 Exploit Author: Noman Riffat Vendor Homepage: http://www.fiberhome.com/ CVE : CVE-2018-9248, CVE-2018-9248 The vulnerability exists in plain text & hard...
FiberHome VDSL2 Modem HG 150-UB Login Bypass
Exploit Title: FiberHome VDSL2 Modem HG 150-UB Login Bypass Date: 04/03/2018 Exploit Author: Noman Riffat Vendor Homepage: http://www.fiberhome.com/ The vulnerability exists in plain text & hard coded cookie. Using any cookie manager extension, an attacker can bypass login page by setting the...
RedHat Linux 7.0 Apache - Remote Username Enumeration
source: https://www.securityfocus.com/bid/3335/info Versions of Apache webserver shipping with Red Hat Linux 7.0 and possibly other Apache distributions install with a default misconfiguration which could allow remote users to determine whether a give username exists on the vulnerable system...