20 matches found
EUVD-2025-150406
The SureForms plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.13.1 via the 'srfmemailnotification' post meta registration. This is due to setting the 'authcallback' parameter to 'returntrue', which allows unauthenticated access to the...
EUVD-2021-12145
Malware in sbrugna...
EUVD-2023-29370
Malicious code in bioql PyPI...
CVE-2025-20893
Improper access control in NotificationManager prior to SMR Jan-2025 Release 1 allows local attackers to change the configuration of notifications...
CVE-2025-20893
Improper access control in NotificationManager prior to SMR Jan-2025 Release 1 allows local attackers to change the configuration of notifications...
CVE-2025-20893
CVE-2025-20893 affects Samsung Mobile devices via an improper access control flaw in NotificationManager, enabling local attackers to modify notification configurations. The issue is described across multiple sources (NVD, Red Hat, CIRCL, CNNVD, and NCSC) as a local-privilege-like impact with low...
Adlisting Classified Ads 2.14.0 - WebPage Content Information Disclosure Vulnerability
Exploit Title: Adlisting Classified Ads 2.14.0 - WebPage Content Information Disclosure Exploit Author: CraCkEr Vendor: Templatecookie Vendor Homepage: https://templatecookie.com/ Software Link: https://templatecookie.com/demo/adlisting-classified-ads-script Version: 2.14.0 Tested on: Windows 10...
Adlisting Classified Ads 2.14.0 Information Disclosure
Exploit Title: Adlisting Classified Ads 2.14.0 - WebPage Content Information Disclosure Exploit Author: CraCkEr Date: 25/07/2023 Vendor: Templatecookie Vendor Homepage: https://templatecookie.com/ Software Link: https://templatecookie.com/demo/adlisting-classified-ads-script Tested on: Windows 10...
CVE-2023-25415
Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. The device allows unauthenticated access to Event Notification configuration...
CVE-2023-25415
Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. The device allows unauthenticated access to Event Notification configuration...
CVE-2023-25415
Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. The device allows unauthenticated access to Event Notification configuration...
The vulnerability of the Notification Configuration component in the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a perpetrator to gain unauthorized access to protected data or compromise the integrity of that data.
The vulnerability of the Notification Configuration component in the Oracle PeopleSoft Enterprise PeopleTools business application exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected...
CVE-2021-2408
Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft component: Notification Configuration. The supported version that is affected is 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...
CVE-2021-2408
Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft component: Notification Configuration. The supported version that is affected is 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...
CVE-2021-25234
An improper access control vulnerability in Trend Micro Apex One on-prem and SaaS, OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about a specific notification configuration file...
Improper access control
An improper access control vulnerability in Trend Micro Apex One on-prem and SaaS, OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about a specific notification configuration file...
CVE-2021-25234
An improper access control vulnerability in Trend Micro Apex One on-prem and SaaS, OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about a specific notification configuration file...
CVE-2021-25234
CVE-2021-25234 is an improper access control vulnerability affecting Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1. The connected sources describe an unauthenticated attacker being able to obtain information about a specific notification con...
How to Enable Password Expiration Notification on StoreFront 2.x
This article helps you configure StoreFront 2.x server to show password expiry warning message when you connect directly to StoreFront server...
Sophos UTM Frontend Component Local Information Disclosure Vulnerability
Sophos UTM aka Astaro Security Gateway is a suite of unified threat management appliances from Sophos UK. The appliance provides gateway security protection and endpoint security protection. An information disclosure vulnerability exists in the Frontend component of Sophos UTM using firmware...