2936 matches found
CVE-2025-8025
Missing Authentication for Critical Function, Improper Access Control vulnerability in Dinosoft Business Solutions Dinosoft ERP allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Dinosoft ERP: from 3.0.1 through 11022026. NOTE: The vendor was contacted early about...
CVE-2025-8025 Improper Access Control in Dinosoft Business Solutions' Dinosoft ERP
Missing Authentication for Critical Function, Improper Access Control vulnerability in Dinosoft Business Solutions Dinosoft ERP allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Dinosoft ERP: from 3.0.1 through 11022026. NOTE: The vendor was contacted early about...
CVE-2025-8025
Missing Authentication for Critical Function, Improper Access Control vulnerability in Dinosoft Business Solutions Dinosoft ERP allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Dinosoft ERP: from 3.0.1 through 11022026. NOTE: The vendor was contacted early about...
CVE-2025-8025 Improper Access Control in Dinosoft Business Solutions' Dinosoft ERP
Missing Authentication for Critical Function, Improper Access Control vulnerability in Dinosoft Business Solutions Dinosoft ERP allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Dinosoft ERP: from 3.0.1 through 11022026. NOTE: The vendor was contacted early about...
CVE-2025-8025
The CVE concerns Dinosoft ERP with a Missing Authentication for Critical Function/Improper Access Control issue that affects versions
CVE-2026-2096
Agentflow developed by Flowring has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality...
PT-2026-7623
Name of the Vulnerable Software and Affected Versions Shenzhen Zhibotong Electronics ZBT WE2001 version 23.09.27 Description A flaw exists in the web management API components that allows unauthenticated attackers on the local network to modify router and network configurations. Attackers can...
ZBT WE2001 安全漏洞
ZBT WE2001 is a wireless router produced by ZBT Corporation. The version dated 23.09.27 of ZBT WE2001 contains a security vulnerability. This vulnerability stems from the lack of an authentication mechanism in the Web management API component, which may allow unauthenticated attackers on the loca...
CVE-2025-65128
A missing authentication mechanism in the web management API components of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows unauthenticated attackers on the local network to modify router and network configurations. By invoking operations whose names end with "nocommit" and supplying the...
CVE-2025-65128
CVE-2025-65128 affects Shenzhen Zhibotong Electronics ZBT WE2001 (version 23.09.27). The web management API lacks authentication, allowing unauthenticated attackers on the local network to modify router and network configurations by calling operations ending with *_nocommit and providing the expe...
PT-2026-7577
Missing Authentication for Critical Function, Improper Access Control vulnerability in Dinosoft Business Solutions Dinosoft ERP allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Dinosoft ERP: from 3.0.1 through 11022026. NOTE: The vendor was contacted early about...
CVE-2025-65128
A missing authentication mechanism in the web management API components of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows unauthenticated attackers on the local network to modify router and network configurations. By invoking operations whose names end with "nocommit" and supplying the...
CVE-2026-2234
C@il developed by HGiga has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read and modify any user's mail content...
CVE-2026-2096
Agentflow developed by Flowring has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality...
CVE-2026-2096 Flowring|Agentflow - Missing Authenticaton
Agentflow developed by Flowring has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality...
CVE-2026-2096
Agentflow developed by Flowring has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality...
CVE-2026-2096 Flowring|Agentflow - Missing Authenticaton
Agentflow developed by Flowring has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality...
CVE-2026-2096
CVE-2026-2096 (Flowring Agentflow) : The vulnerability is a Missing Authentication issue in Agentflow by Flowring that allows unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality. Reported impact is high/critical (CVSS v4.0 base 9.3 with...
Missing Authentication for Critical Function
Overview fuxa-server is a Web-based Process Visualization SCADA/HMI/Dashboard software Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the /nodered/flows endpoint when the Node-RED plugin is enabled. An attacker can gain administrative access an...
Missing Authentication for Critical Function
Overview @frangoteam/fuxa is a Web-based Process Visualization SCADA/HMI/Dashboard software Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the /nodered/flows endpoint when the Node-RED plugin is enabled. An attacker can gain administrative acce...