18 matches found
CVE-2024-9431
In version v0.0.14 of transformeroptimus/superagi, there is an improper privilege management vulnerability. After logging into the system, users can change the passwords of other users, leading to potential account takeover...
CVE-2022-28357
NATS nats-server 2.2.0 through 2.7.4 allows directory traversal because of an unintended path to a management action from a management account...
Directory traversal
NATS nats-server 2.2.0 through 2.7.4 allows directory traversal because of an unintended path to a management action from a management account...
UBUNTU-CVE-2022-28357
NATS nats-server 2.2.0 through 2.7.4 allows directory traversal because of an unintended path to a management action from a management account...
CVE-2022-28357
NATS nats-server 2.2.0 through 2.7.4 allows directory traversal because of an unintended path to a management action from a management account...
CVE-2022-28357
NATS nats-server 2.2.0 through 2.7.4 allows directory traversal because of an unintended path to a management action from a management account...
CVE-2022-28357
NATS nats-server 2.2.0 through 2.7.4 allows directory traversal because of an unintended path to a management action from a management account...
JVN#59576930: Zero-channel BBS Plus vulnerable to cross-site scripting
Zero-channel BBS Plus by Zero-Channel BBS Plus Developers is a bulletin board CGI script. Zero-channel BBS Plus contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user who is accessing the management screen of the product,...
711cms 跨站请求伪造漏洞
711cms is an open source CMS for the APP application market , providing a complete APP application market construction, operation and promotion of one-stop solution . There is a security vulnerability in 711cms v1.0.7, you can add a management account via admin.php?c=Admin&m=content...
Privilege escalation
Windows 10 version 1607 and Windows Server 2016 allow an elevation of privilege vulnerability due to how the MultiPoint management account password is stored, aka "Windows Elevation of Privilege Vulnerability"...
Windows Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in Microsoft Windows when the MultiPoint management account password is improperly secured. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated privileges. To exploit this vulnerability, an attacker must...
Schneider Electric U.motion Builder Local Elevation of Privilege Vulnerability
U.motion Builder is a builder product from Schneider Electric France. A local elevation of privilege vulnerability exists in Schneider Electric U.motion Builder. The network management account is set to function as sudo without a password. An attacker can exploit the vulnerability to execute...
בנק הפועלים - ניהול החשבון - Dangerous filesystem permissions, Exported ContentProvider, GPL license vulnerabilities
HackApp vulnerability scanner discovered that application בנק הפועלים - ניהול החשבון published at the 'play' market has multiple vulnerabilities...
EMC SourceOne DoS
Management account lockout is possible...
PHPCMS V9 direct blasting management account password-loophole warning-the black bar safety net
Google keyword inurl:"index. php? m=content+c=rss+catid=1 0" EXP api. php? op=addfavorite&url=xx. oo&title= and select 1 fromselect count,concatselect select select concat0x23,castconcatusername,0x3a,password,0x3a,encrypt as char,0x23 from v9admin LIMIT 0,1 from informationschema. tables limit...
Analysis of the postgresql database attack techniques II-vulnerability warning-the black bar safety net
You can see we broke up in a field for the name, then we continue incrementing the offset value, to obtain the other field, as shown in Figure 9 and 1=2 union select 1,columnname,'3','4' from informationschema. the columns where tablename='admins' offset 2 limit 1-- ! Figure 9 Field passowrd is...
Rain Joe(YuQa)Network Information feedback system YuQaIFS V1. 0 vulnerability 0day and fix-vulnerability warning-the black bar safety net
Publishing author: f4tb0y Affected versions: YuQaIFS V1. 0 Vulnerability type: design flaw Vulnerability Description: a vulnerability in the file is YuQaIFSSave. the asp directly to the submitted data is written to the database, without any filtering. 主页 面 www.xxx.com/xx/index.asp(xx for this...
slmail3.txt
Date: Fri, 4 Sep 1998 16:38:13 +0100 From: Mnemonix Subject: SL-Mail ver 3.0.2423 security Hi, I thought I'd write to advise of a security issue with SLMail version 3.0.3423. Other versions may also be affected. During the install you choose whether the passowrd is set to the account name,...