Lucene search
+L

5 matches found

WPVulnDB
WPVulnDB
added 2024/01/04 12:0 a.m.20 views

All-in-one Floating Contact Form < 2.1.4 - Unauthenticated Unauthorised Action

Description The plugin does not have authorisation check in a function, which could allow unauthenticated users to perform an unauthorised action...

6.8AI score0.00485EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/12 1:36 a.m.42 views

CVE-2023-6542 Improper Export of Android Application Components in SAP EMARSYS SDK ANDROID

Due to lack of proper authorization checks in Emarsys SDK for Android, an attacker can call a particular activity and can forward himself web pages and/or deep links without any validation directly from the host application. On successful attack, an attacker could navigate to arbitrary URL...

7.1CVSS7.1AI score0.00222EPSS
Exploits1References2
WPVulnDB
WPVulnDB
added 2022/12/27 12:0 a.m.26 views

Login as User or Customer < 3.3 - Unauthenticated Privilege Escalation to Admin

The plugin lacks authorization checks to ensure that users are allowed to log in as another one, which could allow unauthenticated attackers to obtain a valid admin session. PoC Run the below command in the developer console of the web browser while being on the blog as an unauthenticated user,...

9.8CVSS4.1AI score0.38625EPSS
Exploits2Affected Software1
Cvelist
Cvelist
added 2020/03/06 8:25 p.m.18 views

CVE-2020-5328

Dell EMC Isilon OneFS versions prior to 8.2.0 contain an unauthorized access vulnerability due to a lack of thorough authorization checks when SyncIQ is licensed, but encrypted syncs are not marked as required. When this happens, loss of control of the cluster can occur...

9.8CVSS9.4AI score0.01387EPSS
Exploits0References1
Veracode
Veracode
added 2019/07/15 2:19 a.m.22 views

Authorization Bypass

foreman-tasks is vulnerable to authorization bypass. An unprivileged user is able to view tasks details via the web UI and the API using the UUID of a task. This vulnerability is caused by a lack of authorization checks...

6.5CVSS6.5AI score0.01599EPSS
Exploits0References5Affected Software257
Rows per page
Query Builder