27 matches found
WordPress Felan Framework Improper Authentication Vulnerability
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language.WordPress plugin is an application plugin. A vulnerability exists in the WordPress Felan Framework, which is caused by the presence of hard-coded passwords in the fbajaxloginorregister function and t...
EUVD-2021-25127
Malware in sbrugna...
EUVD-2020-12664
Malware in sbrugna...
EUVD-2019-14828
Malware in sbrugna...
EUVD-2020-12614
Malware in sbrugna...
EUVD-2024-54573
Malicious code in bioql PyPI...
EUVD-2021-8836
Malicious code in bioql PyPI...
EUVD-2024-43209
Malicious code in bioql PyPI...
CVE-2024-13088
An improper authentication vulnerability has been reported to affect QHora. If an attacker gains local network access, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the following version: QuRouter 2.5.0.140 and later...
CVE-2024-48859
An improper authentication vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to compromise the security of the system. We have already fixed the vulnerability in the following versions: QTS 5.1.9.2954 bui...
CVE-2023-0863
Improper Authentication vulnerability in ABB Terra AC wallbox UL40/80A, ABB Terra AC wallbox UL32A, ABB Terra AC wallbox CE Terra AC MID, ABB Terra AC wallbox CE Terra AC Juno CE, ABB Terra AC wallbox CE Terra AC PTB, ABB Terra AC wallbox CE Symbiosis, ABB Terra AC wallbox JP.This issue affects...
CVE-2022-30124
An improper authentication vulnerability exists in Rocket.Chat Mobile App 4.14.1.22788 that allowed an attacker with physical access to a mobile device to bypass local authentication PIN code...
CVE-2020-1788
Honor V30 smartphones with versions earlier than 10.0.1.135C00E130R4P1 have an improper authentication vulnerability. Certain applications do not properly validate the identity of another application who would call its interface. An attacker could trick the user into installing a malicious...
CVE-2020-1793
There is an improper authentication vulnerability in several smartphones. The applock does not perform a sufficient authentication in certain scenarios, successful exploit could allow the attacker to gain certain data of the application which is locked. Affected product versions include:HUAWEI Ma...
CVE-2025-4494 JAdmin-JAVA JAdmin Admin Backend NoNeedLoginController.java toLogin improper authentication
A vulnerability, which was classified as critical, was found in JAdmin-JAVA JAdmin 1.0. Affected is the function toLogin of the file NoNeedLoginController.java of the component Admin Backend. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The...
CVE-2024-43685 Session token fixation in TimeProvider 4100
Improper Authentication vulnerability in Microchip TimeProvider 4100 login modules allows Session Hijacking.This issue affects TimeProvider 4100: from 1.0 before 2.4.7...
CVE-2024-4129 Authentication bypass in Snow License Manager
Improper Authentication vulnerability in Snow Software AB Snow License Manager on Windows allows a networked attacker to perform an Authentication Bypass if Active Directory Authentication is enabled.This issue affects Snow License Manager: from 9.33.2 through 9.34.0...
CVE-2023-33237
TN-5900 Series firmware version v3.3 and prior is vulnerable to improper-authentication vulnerability. This vulnerability arises from inadequate authentication measures implemented in the web API handler, allowing low-privileged APIs to execute restricted actions that only high-privileged APIs ar...
CVE-2023-3065 Mobatime mobile application - Authentication bypass
Improper Authentication vulnerability in Mobatime mobile application AMXGT100 allows Authentication Bypass.This issue affects Mobatime mobile application AMXGT100 through 1.3.20...
JVN#55675303: Digital Arts m-FILTER vulnerable to improper authentication
m-FILTER provided by Digital Arts Inc. is an emaill security product. m-FILTER contains an improper authentication vulnerability CWE-287 when emails are being sent under certain conditions, and unintended emails may be sent by a remote attacker. Digital Arts Inc. states that attacks exploiting th...