CVE-2024-36036

Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to access sensitive information and modifying the agent configuration...

Status PowerBPM 访问控制错误漏洞

Status PowerBPM is a BPM system from Status. An Access Control Error vulnerability exists in Status PowerBPM v2.0, which stems from insufficient authentication, and can be exploited by an attacker on a local area network with normal user privileges to modify an alternate agent to an arbitrary use...

Trend Micro Apex One 安全漏洞

Trend Micro Apex One is an endpoint protection software from Trend Micro. A security vulnerability exists in Trend Micro Apex One 2019 on-prem, SaaS version, which stems from forced browsing in Apex One, and can be exploited by an attacker to access the Apex One console to elevate privileges and...

CVE-2022-41746

A forced browsing vulnerability in Trend Micro Apex One could allow an attacker with access to the Apex One console on affected installations to escalate privileges and modify certain agent groupings. Please note: an attacker must first obtain the ability to log onto the Apex One web console in...

CVE-2012-4280

Multiple cross-site request forgery CSRF vulnerabilities in admin/agenteditor.php in Free Realty 3.1-0.6 allow remote attackers to hijack the authentication of administrators for requests that 1 add an agent via an addagent action or 2 modify an agent...