60 matches found
CVE-2025-14750
The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable. A low-privileged user can modify the parameters and potentially manipulate account-level privileges...
EUVD-2025-206328
The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable. A low-privileged user can modify the parameters and potentially manipulate account-level privileges...
CVE-2025-14750
The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable. A low-privileged user can modify the parameters and potentially manipulate account-level privileges...
CVE-2023-50811
An issue discovered in SELESTA Visual Access Manager 4.38.6 allows attackers to modify the “computer” POST parameter related to the ID of a specific reception by POST HTTP request interception. Iterating that parameter, it has been possible to access to the application and take control of many...
CVE-2023-31465
An issue was discovered in FSMLabs TimeKeeper 8.0.17 through 8.0.28. By intercepting requests from various timekeeper streams, it is possible to find the getsamplebacklog call. Some query parameters are passed directly in the URL and named argx, with x an integer starting from 1; it is possible t...
CVE-2025-13768
WebITR developed by Uniong has an Authentication Bypass vulnerability, allowing authenticated remote attackers to log into the system as any user by modifying a specific parameter. Attackers must first obtain a user ID to exploit this vulnerability...
EUVD-2025-199866
WebITR developed by Uniong has an Authentication Bypass vulnerability, allowing authenticated remote attackers to log into the system as any user by modifying a specific parameter. Attackers must first obtain a user ID to exploit this vulnerability...
CVE-2025-13768
CVE-2025-13768 affects WebITR (Uniong). It describes an Authentication Bypass where an authenticated remote attacker can log in as any user by modifying a specific parameter, requiring the attacker to first obtain a user ID. The CVSS 3.1 metrics indicate high impact (C/H, I/H, A/H) with network a...
CVE-2025-13768 Uniong|WebITR - Authorization Bypass
WebITR developed by Uniong has an Authentication Bypass vulnerability, allowing authenticated remote attackers to log into the system as any user by modifying a specific parameter. Attackers must first obtain a user ID to exploit this vulnerability...
Circutor TCPRS1plus 安全漏洞
Circutor TCPRS1plus is a communication converter from Circutor Spain. A security vulnerability exists in Circutor TCPRS1plus that stems from a web server that allows an attacker to reuse old JWT tokens during legitimate session activity, potentially leading to session hijacking and security...
EUVD-2005-0319
Malware in sbrugna...
EUVD-2005-0104
Malware in sbrugna...
EUVD-2002-2376
Malware in sbrugna...
EUVD-2005-1654
Malware in sbrugna...
EUVD-2004-0670
Malware in sbrugna...
EUVD-2005-4448
Malware in sbrugna...
EUVD-2007-6026
Malware in sbrugna...
EUVD-2017-10799
Malware in sbrugna...
EUVD-2019-14053
Malware in sbrugna...
EUVD-2006-5582
Malware in sbrugna...