30 matches found
CVE-2023-48374 SmartStar Software CWS Web-Base - Use of Hard-coded Credentials
SmartStar Software CWS is a web-base integration platform, it has a vulnerability of using a hard-coded for a specific account with low privilege. An unauthenticated remote attacker can exploit this vulnerability to run partial processes and obtain partial information, but can't disrupt service o...
PT-2023-30809 · Softnext · Softnext Mail Sqr Expert
Name of the Vulnerable Software and Affected Versions: Softnext Mail SQR Expert affected versions not specified Description: The issue is related to a Local File Inclusion LFI vulnerability in a mail deliver-related URL. An unauthenticated remote attacker can exploit this vulnerability to execute...
PT-2023-30801 · Unknown · Smartstar Software Cws
Name of the Vulnerable Software and Affected Versions: SmartStar Software CWS affected versions not specified Description: The issue is related to the use of a hard-coded account with low privilege in SmartStar Software CWS, a web-based integration platform. An unauthenticated remote attacker can...
PT-2023-30814 · Kaifa Technology · Webitr
Name of the Vulnerable Software and Affected Versions: Kaifa Technology WebITR affected versions not specified Description: The issue concerns Kaifa Technology WebITR, an online attendance system. A remote attacker with regular user privileges can obtain partial sensitive system information from ...
PT-2023-6425 · Vmware · Vcenter Server +1
Name of the Vulnerable Software and Affected Versions: vCenter Server versions affected versions not specified Description: The issue is related to a partial information disclosure vulnerability in vCenter Server. It may allow a malicious actor with non-administrative privileges to access...
CVE-2022-31699
VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure...
CVE-2022-31699
VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure...
VMware ESXi 缓冲区错误漏洞
VMware ESXi is a server virtualization platform from VMware that can be installed directly on physical servers. A security vulnerability exists in VMware ESXi| vCenter Server that originates from a contained heap overflow, which could be exploited by an attacker to achieve partial information...
Huawei Honor V30 OxfordS-AN00A Authorization Issues Vulnerability
Huawei Honor V30 is a smartphone from Chinese company Huawei Huawei. An authorization issue vulnerability exists in Huawei Honor V30 OxfordS-AN00A prior version 10.0.1.167 C00E166R4P1. An attacker can exploit the vulnerability to obtain partial information with the help of a malicious application...
Mail.ru: By pass admin panel [seminars.mail.ru]
An partial information from seminars.mail.ru could be obtained due to invalid access restrictions seminars.mail.ru is not in Bug Bounty scope, but some reward was issued due to problem significance...