10 matches found
CVE-2025-65276
An unauthenticated administrative access vulnerability exists in the open-source HashTech project https://github.com/henzljw/hashtech 1.0 thru commit 5919decaff2681dc250e934814fc3a35f6093ee5 2021-07-02. Due to missing authentication checks on /adminindex.php, an attacker can directly access the...
CVE-2025-65276
An unauthenticated administrative access vulnerability exists in the open-source HashTech project https://github.com/henzljw/hashtech 1.0 thru commit 5919decaff2681dc250e934814fc3a35f6093ee5 2021-07-02. Due to missing authentication checks on /adminindex.php, an attacker can directly access the...
CVE-2025-65276
An unauthenticated administrative access vulnerability exists in the open-source HashTech project https://github.com/henzljw/hashtech 1.0 thru commit 5919decaff2681dc250e934814fc3a35f6093ee5 2021-07-02. Due to missing authentication checks on /adminindex.php, an attacker can directly access the...
CVE-2025-65276
CVE-2025-65276 affects the HashTech project. A missing authentication check on /admin_index.php allows unauthenticated access to the admin dashboard, enabling full administrative control (viewing/modifying user accounts, managing orders, changing payments, editing product listings) and potential ...
TastyIgniter Has an Incorrect Access Control Vulnerability
TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the Orders Management System, allowing unauthorized users to update order statuses. The issue occurs in the indexonUpdateStatus function within Orders.php, which fails to verify if the user has permission to modify an order'...
CVE-2024-44314
TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the Orders Management System, allowing unauthorized users to update order statuses. The issue occurs in the indexonUpdateStatus function within Orders.php, which fails to verify if the user has permission to modify an order'...
CVE-2024-44314
TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the Orders Management System, allowing unauthorized users to update order statuses. The issue occurs in the indexonUpdateStatus function within Orders.php, which fails to verify if the user has permission to modify an order'...
CVE-2024-44314
TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the Orders Management System, allowing unauthorized users to update order statuses. The issue occurs in the indexonUpdateStatus function within Orders.php, which fails to verify if the user has permission to modify an order'...
CVE-2024-44314
TastyIgniter 3.7.6 contains an Incorrect Access Control in the Orders Management System. The vulnerability resides in Orders.php: index_onUpdateStatus(), which fails to verify a user’s permission before updating an order’s status. This allows unauthorized users to remotely modify orders (I:H, P:L...
GAzie <= 5.20 Cross Site Request Forgery
Exploit for php platform in category web applications ======================================== GAzie Date: 5/02/2012 Site: http://www.giudinvx.altervista.org/ -------------------------------------------------------- @Application Info: Multicompany finance application written in PHP using a MySql...