12 matches found
CVE-2025-65784
Insecure permissions in Hubert Imoveis e Administracao Ltda Hub v2.0 1.27.3 allows authenticated attackers with low-level privileges to access other users' information via a crafted API request...
CVE-2025-65783
An arbitrary file upload vulnerability in the /utils/uploadFile component of Hubert Imoveis e Administracao Ltda Hub v2.0 1.27.3 allows attackers to execute arbitrary code via uploading a crafted PDF file...
CVE-2025-65783
An arbitrary file upload vulnerability in the /utils/uploadFile component of Hubert Imoveis e Administracao Ltda Hub v2.0 1.27.3 allows attackers to execute arbitrary code via uploading a crafted PDF file...
CVE-2025-65783
An arbitrary file upload vulnerability in the /utils/uploadFile component of Hubert Imoveis e Administracao Ltda Hub v2.0 1.27.3 allows attackers to execute arbitrary code via uploading a crafted PDF file...
CVE-2025-65784
Hubert Hub v2.0.1.27.3 (Hubert Imoveis e Administracao Ltda) has an insecure permissions issue that lets authenticated users with low privileges retrieve other users’ information through a crafted API request. Impact: confidentiality of data. Root cause: improper access controls on API endpoints....
PT-2026-2485
CVE-2025-65783 An arbitrary file upload vulnerability in the /utils/uploadFile component of Hubert Imoveis e Administracao Ltda Hub v2.0 1.27.3 allows attackers to execute arbitrary… https://t.co/LqnyiifjdF...
CVE-2025-65783
An arbitrary file upload vulnerability in the /utils/uploadFile component of Hubert Imoveis e Administracao Ltda Hub v2.0 1.27.3 allows attackers to execute arbitrary code via uploading a crafted PDF file...
CVE-2025-65784
Insecure permissions in Hubert Imoveis e Administracao Ltda Hub v2.0 1.27.3 allows authenticated attackers with low-level privileges to access other users' information via a crafted API request...
CVE-2024-11923
Under certain log settings the IAM or CORE service will log credentials in the iam logfile in Fortra Application Hub Formerly named Helpsystems One prior to version 1.3...
CVE-2022-24327
In JetBrains Hub before 2021.1.13890, integration with JetBrains Account exposed an API key with excessive permissions...
Plantronics Hub 3.13.2 - SpokesUpdateService Privilege Escalation Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Plantronics Hub SpokesUpdateService Privilege Escalation', 'Description' = %q The Plantronics Hub client application for Windows makes use of an...
PT-2018-6270 · Insteon · Insteon Hub
Name of the Vulnerable Software and Affected Versions: Insteon Hub version 1012 Description: An attacker could send an authenticated HTTP request to trigger this issue in the Insteon Hub. The value for the s vol play key is copied using strcpy to a buffer, which is maximum 8 bytes large. Sending ...