229 matches found
WordPress plugin Sunshine Photo Cart 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...
WordPress plugin Depicter Slider 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
PT-2022-12234
Name of the Vulnerable Software and Affected Versions Single Connect affected versions not specified Description The issue arises from the lack of an authorization check in the sc-reports-ui module, allowing a remote attacker to access the device configuration page and export data to an external...
CVE-2021-24906
The Protect WP Admin WordPress plugin before 3.6.2 does not check for authorisation in the lib/pwa-deactivate.php file, which could allow unauthenticated users to disable the plugin and therefore the protection offered via a crafted request...
SAP NetWeaver AS Missing Authorization Check (3059446)
A missing authorization check vulnerability exists in the Administration Workset of the SAP NetWeaver Guided Procedures versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50. An authenticated, remote attacker can exploit this, to escalate privileges and allow an unauthorized user the ability to...
CVE-2020-27220
The Eclipse Hono AMQP and MQTT protocol adapters do not check whether an authenticated gateway device is authorized to receive command & control messages when it has subscribed only to commands for a specific device. The missing check involves verifying that the command target device is configure...
CVE-2020-6316
SAP ERP and SAP S/4 HANA allows an authenticated user to see cost records to objects to which he has no authorization in PS reporting, leading to Missing Authorization check...
CVE-2020-6316
SAP ERP and SAP S/4 HANA allows an authenticated user to see cost records to objects to which he has no authorization in PS reporting, leading to Missing Authorization check...
CVE-2020-6301
SAP ERP HCM Travel Management, versions - 600, 602, 603, 604, 605, 606, 607, 608, allows an authenticated but unauthorized attacker to read, modify and settle trips, resulting in escalation of privileges, due to Missing Authorization Check...
CVE-2020-6298
SAP Banking Services Generic Market Data, versions - 400, 450, 500, allows an unauthorized user to display protected Business Partner Generic Market Data GMD and change related GMD key figure values, due to Missing Authorization Check...
CVE-2020-6298
SAP Banking Services Generic Market Data, versions - 400, 450, 500, allows an unauthorized user to display protected Business Partner Generic Market Data GMD and change related GMD key figure values, due to Missing Authorization Check...
CVE-2020-6301
SAP ERP HCM Travel Management, versions - 600, 602, 603, 604, 605, 606, 607, 608, allows an authenticated but unauthorized attacker to read, modify and settle trips, resulting in escalation of privileges, due to Missing Authorization Check...
Authorization
SAP Banking Services Generic Market Data, versions - 400, 450, 500, allows an unauthorized user to display protected Business Partner Generic Market Data GMD and change related GMD key figure values, due to Missing Authorization Check...
Authorization
SAP ERP HCM Travel Management, versions - 600, 602, 603, 604, 605, 606, 607, 608, allows an authenticated but unauthorized attacker to read, modify and settle trips, resulting in escalation of privileges, due to Missing Authorization Check...
Authorization
SAP S/4 HANA Fiori UI for General Ledger Accounting, versions 103, 104, does not perform necessary authorization checks for an authenticated user working with attachment service, allowing the attacker to delete attachments due to Missing Authorization Check...
CVE-2020-6301
SAP ERP (HCM Travel Management) versions 600–608 are affected by an access control vulnerability: an authenticated but unauthorized user can read, modify, and settle trips due to a missing authorization check. This leads to privilege escalation. The available connected documents confirm the affec...
CVE-2020-6301
SAP ERP HCM Travel Management, versions - 600, 602, 603, 604, 605, 606, 607, 608, allows an authenticated but unauthorized attacker to read, modify and settle trips, resulting in escalation of privileges, due to Missing Authorization Check...
CVE-2020-6298
CVE-2020-6298 affects SAP Banking Services (Generic Market Data) versions 400, 450, and 500. The root cause is a missing authorization check that lets an unauthorized user display protected Business Partner Generic Market Data (GMD) and alter related GMD key figure values, impacting confidentiali...
CVE-2020-6298
SAP Banking Services Generic Market Data, versions - 400, 450, 500, allows an unauthorized user to display protected Business Partner Generic Market Data GMD and change related GMD key figure values, due to Missing Authorization Check...
CVE-2020-6273
SAP S/4 HANA Fiori UI for General Ledger Accounting, versions 103, 104, does not perform necessary authorization checks for an authenticated user working with attachment service, allowing the attacker to delete attachments due to Missing Authorization Check...