CVE-2022-36454

A vulnerability in the MiCollab Client API of Mitel MiCollab through 9.5.0.101 could allow an authenticated attacker to modify their profile parameters due to improper authorization controls. A successful exploit could allow the authenticated attacker to impersonate another user's name...

CVE-2005-1404

MyPHP Forum 1.0 allows remote attackers to spoof the username by modifying the 1 nbuser parameter to post.php or 2 sender parameter to privmsg.php...

HCL BigFix Inventory 安全漏洞

HCL BigFix Inventory is a software inventory from HCL USA. Maintaining software audits reduces security risks through software compliance and utilization management. HCL BigFix Inventory has a security vulnerability that stems from insufficient permissions or improper handling of privileges. An...

CVE-2024-1367 Command Injection Vulnerability in Tenable Security Center

A command injection vulnerability exists where an authenticated, remote attacker with administrator privileges on the Security Center application could modify Logging parameters, which could lead to the execution of arbitrary code on the Security Center host...

CVE-2018-16477

A bypass vulnerability in Active Storage = 5.2.0 for Google Cloud Storage and Disk services allow an attacker to modify the content-disposition and content-type parameters which can be used in with HTML files and have them executed inline. Additionally, if combined with other techniques such as...