12 matches found
CVE-2026-1213
All versions of askbot before and including 0.12.2 allow an attacker authenticated with normal user permissions to modify the profile picture of other application users. This issue affects askbot: 0.12.2...
CVE-2025-42897 Information Disclosure vulnerability in SAP Business One (SLD)
Due to an information disclosure vulnerability in an anonymous API provided by SAP Business One SLD, an attacker with normal user access could gain access to unauthorized information. As a result, it has a low impact on the confidentiality of the application but no impact on the integrity and...
PRIMX ZED security vulnerability
PRIMX ZED is a suite of sensitive data encryption software from PRIMX Corporation. A security vulnerability exists in PRIMX ZED Enterprise version 2024.3 and prior versions. An attacker could exploit the vulnerability to manipulate technical files stored in a local folder with normal user access...
CVE-2024-39947
A vulnerability has been found in Dahua products. After obtaining the ordinary user's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing the device to crash...
Acer Care Center authorization issue vulnerability
Acer Care Center is a system care center from Acer China (Acer) that allows you to back up or restore your system settings and network drivers to prevent the effects of system failure. A security vulnerability exists in Acer Care Center versions 4.00.30xx prior to 4.00.3042 that originates...
Librenms information disclosure vulnerability
Librenms is a PHP and MySQL based open source network monitoring system from the Librenms community. The system features custom alerts, auto-discovery of network environments and automatic updates. Librenms suffers from an information disclosure vulnerability that stems from allowing users with...
CVE-2017-9383
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides UPnP services that are available on port 3480 and can also be accessed via port 80 using the URL "/port3480". It seems that the UPnP services provide "wget" as one of the service actions for a normal...
CVE-2018-8209
An information disclosure vulnerability exists when Windows allows a normal user to access the Wireless LAN profile of an administrative user, aka "Windows Wireless Network Profile Information Disclosure Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers...
Arbitrary file read vulnerability in CMS Made Simple backend for normal users
CMS Made Simple is an open source content management system. It is built using PHP and the Smarty engine, which separates content, functionality and templates. The file preview feature in the backend of CMS Made Simple version 2.2.7 has an arbitrary file read vulnerability; an attacker can...
Moodle CMS 3.1.2 Cross Site Scripting / File Upload
Title: Multiple Vulnerabilities - Moodle CMS -3.1.2 Application: Moodle CMS Versions Affected: = 3.1.2 Vendor URL: https://moodle.org/ Software URL: https://download.moodle.org/ Discovered by: Joel Vadodil Varghese Tested on: Windows 10 Pro Bugs: Persistent Cross Site Scripting, Non-Persistent...
DST2K0040: QuotaAdvisor 4.1 by WQuinn susceptible to any user being able to list (not read) all files on any server running QuotaAdvisor.
Delphis Consulting Plc Security Team Advisories 26/09/2000 [email protected] http://www.delphisplc.com/thinking/whitepapers/...