118 matches found
Karel IP Phone IP1211 Web Management Panel - Local File Inclusion
Karel IP Phone IP1211 Web Management Panel is vulnerable to local file inclusion and can allow remote attackers to access arbitrary files stored on the remote device via the 'cgiServer.exx' endpoint and the 'page' parameter. id: CVE-2025-34023 info: name: Karel IP Phone IP1211 Web Management Pane...
Arcadia Crafty Controller 安全漏洞
Arcadia Crafty Controller is a server management panel developed under the open-source Crafty Controller project. There is a security vulnerability in Arcadia Crafty Controller. This vulnerability stems from a lack of resilience to unexpected messages from connection switches, which may lead to...
Acer M6E 安全漏洞
The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability. This vulnerability stems from the fact that the web management panel is widely bound to the public IPv6 address space at port :::8080, with no default firewa...
CVE-2026-7766 Path Traversal in Kenik cameras
Kenik Camera management Panel is vulnerable to Path Traversal vulnerability. An unauthenticated attacker can send GET request with arbitrary file path and read corresponding files located on the server. The issue was fixed in version 2026-04-23 of the KG-5260xxxx-IL-G2 cameras. Rest of the produc...
CVE-2026-44567
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.1.124, the API does not properly validate that the user has an authorized user role of user. By default, when Open WebUI is configured with new sign-ups enabled, the default user role is...
CVE-2026-1274
IBM Guardium Data Protection 12.0, 12.1, and 12.2 is vulnerable to a Bypass Business Logic vulnerability in the access management control panel...
CVE-2026-1274
IBM Guardium Data Protection 12.0, 12.1, and 12.2 is vulnerable to a Bypass Business Logic vulnerability in the access management control panel...
CVE-2026-1274
IBM Guardium Data Protection 12.0, 12.1, and 12.2 are affected by CVE-2026-1274, a Bypass Business Logic vulnerability in the access management control panel (CWE-840). The IBM bulletin lists the affected versions and provides version-specific fixes via Fix Central bundles for 12.0, 12.1, and 12....
CVE-2026-1274 IBM Guardium Data Protection is affected by multiple vulnerabilities
IBM Guardium Data Protection 12.0, 12.1, and 12.2 is vulnerable to a Bypass Business Logic vulnerability in the access management control panel...
PT-2026-34576
IBM Guardium Data Protection 12.0, 12.1, and 12.2 is vulnerable to a Bypass Business Logic vulnerability in the access management control panel...
ajenti 安全漏洞
Ajenti is an open-source Linux and BSD-based modular server management panel developed by ajenti. Versions of Ajenti prior to 2.2.15 contained security vulnerabilities, which stemmed from the ability for unauthenticated users to install custom packages...
CVE-2026-27975
Ajenti is a Linux and BSD modular server admin panel. Prior to version 2.2.13, an unauthenticated user could gain access to a server to execute arbitrary code on this server. This is fixed in the version 2.2.13...
Doditsolutions Homey BNB SQL注入漏洞
Doditsolutions Homey BNB is a homestay reservation system operated by the Indian company Doditsolutions. Doditsolutions Homey BNB V4 has a SQL injection vulnerability; this vulnerability stems from SQL injections during login on the management panel, which may allow unverified attackers to bypass...
Websitem 7070 Hazır Profesyonel Web Sitesi SQL注入漏洞
Websitem 7070 Ready-made Professional Website is a website construction kit provided by the Turkish company Websitem. Version 1.0 of Websitem 7070 Ready-made Professional Website contains a SQL injection vulnerability. This vulnerability stems from an authentication bypass in the login page of th...
GoPhish 安全漏洞
GoPhish is an open-source phishing framework developed by GoPhish. Versions of GoPhish 0.12.1 and earlier contain security vulnerabilities. These vulnerabilities stem from improper access control mechanisms. In these versions, the management panel exposes the user’s long-term API keys directly in...
QRMenümPro Menu Panel security vulnerabilities
QRMenümPro Menu Panel is a backend management panel for the intelligent menu system developed by the Turkish company QRMenümPro. The QRMenümPro Menu Panel versions dated 29012026 and earlier contained security vulnerabilities. These vulnerabilities were caused by user-controllable keys that allow...
NETGEAR WiFi range extenders 安全漏洞
NETGEAR WiFi range extenders are a series of WiFi signal extenders from NETGEAR. A security vulnerability exists in NETGEAR WiFi range extenders that stems from insufficient authentication, which could lead to a network-adjacent attacker bypassing authentication and accessing the management panel...
CE Phoenix 跨站脚本漏洞
CE Phoenix is a powerful e-commerce store from Phoenix Cart open source. A cross-site scripting vulnerability exists in CE Phoenix version v3.0.1, which stems from the presence of stored cross-site scripting in the Currency Management Panel that could lead to the execution of arbitrary JavaScript...
EUVD-2018-8888
Malware in sbrugna...
EUVD-2018-19439
Malware in sbrugna...