2931 matches found
CVE-2025-4268
A vulnerability has been found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This vulnerability affects unknown code of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input RebootSystem leads to missing authentication. The attack can be initiated...
CVE-2025-4268
A vulnerability has been found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This vulnerability affects unknown code of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input RebootSystem leads to missing authentication. The attack can be initiated...
CVE-2025-4268 TOTOLINK A720R cstecgi.cgi missing authentication
A vulnerability has been found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This vulnerability affects unknown code of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input RebootSystem leads to missing authentication. The attack can be initiated...
CVE-2025-4268
The CVE-2025-4268 entry applies to TOTOLINK A720R firmware 4.1.5cu.374, where an improper authentication flaw exists in /cgi-bin/cstecgi.cgi. The vulnerability arises from manipulating the topicurl parameter with the value RebootSystem, enabling remote exploitation without authentication. Multipl...
CVE-2025-4268 TOTOLINK A720R cstecgi.cgi missing authentication
A vulnerability has been found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This vulnerability affects unknown code of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input RebootSystem leads to missing authentication. The attack can be initiated...
PT-2025-19345 · Totolink · Totolink A720R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A720R version 4.1.5cu.374 Description: A critical vulnerability has been found in the TOTOLINK A720R, affecting unknown code of the file /cgi-bin/cstecgi.cgi. The manipulation of the topicurl argument with the input RebootSystem lead...
Langflow Missing Authentication Vulnerability
Langflow contains a missing authentication vulnerability in the /api/v1/validate/code endpoint that allows a remote, unauthenticated attacker to execute arbitrary code via crafted HTTP requests...
CVE-2025-1495 IBM Business Automation Workflow missing authentication
IBM Business Automation Workflow 24.0.0 and 24.0.1 through 24.0.1 IF001 Center may leak sensitive information due to missing authorization validation...
Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp
CVE-2025-32433: Erlang/OTP's SSH Server Exploit...
GMOD Apollo Missing Authentication For Critical Function (CVE-2025-24924)
Binary data gmodapollocve-2025-24924.nbin...
CVE-2025-4019
A vulnerability, which was classified as critical, was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. Affected is the function genCode of the file novel-admin/src/main/java/com/java2nb/common/controller/GeneratorController.java. The manipulation leads to missing...
CVE-2025-4018
A vulnerability, which was classified as critical, has been found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. This issue affects the function addCrawlSource of the file novel-crawl/src/main/java/com/java2nb/novel/controller/CrawlController.java. The manipulation leads t...
CVE-2025-4015
A vulnerability was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. It has been rated as critical. Affected by this issue is the function list of the file novel-system/src/main/java/com/java2nb/system/controller/SessionController.java. The manipulation leads to missin...
Improper Access Control
moodle/moodle is vulnerable to Improper Access Control. The vulnerability is due to missing authentication enforcement, which allows users to enroll in courses without completing two-step verification...
CVE-2025-4019
A vulnerability, which was classified as critical, was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. Affected is the function genCode of the file novel-admin/src/main/java/com/java2nb/common/controller/GeneratorController.java. The manipulation leads to missing...
CVE-2025-4018
A vulnerability, which was classified as critical, has been found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. This issue affects the function addCrawlSource of the file novel-crawl/src/main/java/com/java2nb/novel/controller/CrawlController.java. The manipulation leads t...
CVE-2025-4019 20120630 Novel-Plus GeneratorController.java genCode missing authentication
A vulnerability, which was classified as critical, was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. Affected is the function genCode of the file novel-admin/src/main/java/com/java2nb/common/controller/GeneratorController.java. The manipulation leads to missing...
CVE-2025-4019 20120630 Novel-Plus GeneratorController.java genCode missing authentication
A vulnerability, which was classified as critical, was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. Affected is the function genCode of the file novel-admin/src/main/java/com/java2nb/common/controller/GeneratorController.java. The manipulation leads to missing...
CVE-2025-4019
The CVE-2025-4019 entry concerns Novel-Plus (versions from 20120630 up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160). The flaw is in the GeneratorController.java, specifically the genCode function, where manipulation leads to missing authentication. This enables a remote attacker to exploit the vu...
CVE-2025-4018 20120630 Novel-Plus CrawlController.java addCrawlSource missing authentication
A vulnerability, which was classified as critical, has been found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. This issue affects the function addCrawlSource of the file novel-crawl/src/main/java/com/java2nb/novel/controller/CrawlController.java. The manipulation leads t...