16 matches found
CtrlPanel.gg Security Vulnerability
CtrlPanel.gg is an open-source hosting service billing management tool developed by CtrlPanel.gg. Versions of CtrlPanel.gg prior to 1.1.1 contained security vulnerabilities. These vulnerabilities stemmed from the management settings update endpoint accepting user-provided class names and using th...
CVE-2023-49984
A cross-site scripting (XSS) vulnerability in the component /management/settings of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter...
CVE-2025-41750
An XSS vulnerability in pxcPortCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web-based management (WBM). The vulnerability does not provide access to system-level...
EUVD-2025-201902
An XSS vulnerability in pxcportSfp.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web-based management (WBM). The vulnerability does not provide access to system-level...
CVE-2025-41746
An XSS vulnerability in pxcportSecCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web-based management (WBM). The vulnerability does not provide access to system-lev...
CVE-2025-41748 Reflected XSS vulnerability in pxc_Dot1xCfg.php
An XSS vulnerability in pxcDot1xCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web-based management (WBM). The vulnerability does not provide access to system-level...
CVE-2025-30117
An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Managing Settings and Obtaining Sensitive Data and Sabotaging the Car Battery can be performed by unauthorized parties. After bypassing the device pairing, an attacker can obtain sensitive user and vehicle information...
CVE-2023-49984
A cross-site scripting (XSS) vulnerability in the component /management/settings of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter...
School Fees Management System Security Vulnerability
School Fees Management System is a tuition management system. A security vulnerability exists in School Fees Management System v1.0, which originates from a cross-site scripting (XSS) vulnerability in /management/settings...
PT-2024-1300 · Unknown · Instawp Connect
Name of the Vulnerable Software and Affected Versions: InstaWP Connect versions 0.1.0.8 and earlier. Description: The issue is related to improper privilege management, allowing privilege escalation. It is associated with the save management settings function and inadequate authorization procedure...
PT-2023-31443 · Unknown · School Management System
Name of the Vulnerable Software and Affected Versions: School Fees Management System version 1.0. Description: A cross-site scripting (XSS) issue in the /management/settings component allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter...
SAMSUNG Mobile devices Security Vulnerability
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from Samsung South Korea. A security vulnerability exists in SAMSUNG Mobile devices SMR Nov-2022 Release 1, which stems from an incorrect access control vulnerability in clearAllGlobalProxy in...
Vmware Carbon Black Cloud Authorization Issue Vulnerability
Vmware Carbon Black Cloud is a SaaS platform from Vmware USA that provides security checking and defense capabilities for cloud endpoints. VMware Carbon Black Cloud Workload 1.0.1 and prior versions have an authentication bypass vulnerability that could allow a user with network access to the...
FAQ: Single-Step Upgrade for SD-WAN Appliances to 9.3.x
Question: Should I use .tar.gz, or single step upgrade .zip package to upgrade to 9.3.x from my current version 8.1.x, 9.1.x, 9.2.x? Answer: Use the .tar.gz files of the concerned platforms to upgrade the SD-WAN software to 9.3.x. After the SD-WAN software is upgraded to 9.3.x version, perform...
NP-BBRM vulnerable in UPnP functionality
Overview: NP-BBRM provided by I-O DATA DEVICE, INC. is a LAN router. NP-BBRM contains a vulnerability in the UPnP functionality. Impact: The device may be used in a DDoS attack, as an SSDP reflector. Solution: Disable UPnP. Disable UPnP functionality from the management configuration in the settings...
Mandriva Update for laptop-mode-tools MDVA-2008:047 (laptop-mode-tools)
Check for the Version of laptop-mode-tools. OpenVAS Vulnerability Test: Mandriva Update for laptop-mode-tools MDVA-2008:047 (laptop-mode-tools). Authors: System Generated Check. Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can...