6 matches found
CVE-2023-22450
In Advantech WebAccess/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to upload an ASP script file to a webserver when logged in as manager user, which can lead to arbitrary code execution...
SourceCodester Sales Tracker Management System SQL Injection Vulnerability
Sales Tracker Management System is a sales tracker management system by Carlo Montero Personal Developer. A SQL injection vulnerability exists in SourceCodester Sales Tracker Management System version 1.0 due to unknown functionality in the file filemanager/login.php in the component POST Paramet...
CVE-2020-15605
If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Vulnerability Protection 2.0 SP2 could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents...
Modx CMS CSRF Bypass & XSS Vulnerabilities
Public Disclosure - http://hacktivity.websecgeeks.com/modx-csrf-and-xss/ =========================================== Product: MODX Revolution Severity: Critical Versions: 2.0.0–2.2.14 Vulnerability type: CSRF & XSS Report date: 2014-Jul-10 Fixed date: 2014-Jul-15 Description A significant...
CVE-2013-7273
GNOME Display Manager gdm 3.4.1 and earlier, when disable-user-list is set to true, allows local users to cause a denial of service (unable to login) by pressing the cancel button after entering a user name...
MODX Evolution 1.0.6 (and prior) Unauthorized Manager Access
Product: MODX Evolution Risk: Very High Severity: Critical Versions: 1.0.6 and all previous releases Vulnerability Type: Permissions, Privileges, and Access Control; Input Validation; SQL Injection Report Date: 2012-Nov-26 Fixed Date: 2012-Nov-26 Description The Forgot Manager Login plugin...