7 matches found
CVE-2026-3943
A vulnerability was found in H3C ACG1000-AK230 up to 20260227. This affects an unknown part of the file /webui/?aaaportalauthlocalsubmit. The manipulation of the argument suffix results in command injection. The attack can be launched remotely. The exploit has been made public and could be used...
Open Redirect
Overview: Affected versions of this package are vulnerable to Open Redirect via EditInfoItemStrutsAction accessible through c/portal/editinfoitem. An attacker can redirect users to arbitrary external sites by crafting a malicious URL. Remediation: Upgrade com.liferay:com.liferay.info.impl to versio...
CVE-2024-6880
During MegaBIP installation process, a user is encouraged to change a default path to administrative portal, as keeping it secret is listed by the author as one of the protection mechanisms. Publicly available source code of "/registered.php" discloses that path, allowing an attacker to attempt...
CVE-2018-14960
Xiao5uCompany 1.7 has CSRF via admin/Admin.asp...
SRCMS Cross-Site Request Forgery Vulnerability
SRCMS is a security emergency response and defect management software. A cross-site request forgery vulnerability exists in SRCMS version 2.3.1. An attacker can exploit this vulnerability by adding an administrator account via admin.php?m=Admin&c=manager&a=add...
CVE-2017-8913
The Visual Composer VC70RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via a crafted XML document in a request to irj/servlet/prt/portal/prtroot/com.sap.visualcomposer.BIKit.default, aka SAP Security Note 2386873...
Muratsoft Haber Portal 3.6 (tr) Remote SQL Injection Vulnerability
No description provided by source. Muratsoft Haber Portal v3.6 tr SQL Injection Vulnerability Author : ASIANEAGLE Site : www.asianeagle.org Contact: [email protected] Link : http://www.aspindir.com/Goster/4350 Demo Portal : http://www.muratsoft.com/haber/www/ Price of Portal: 300YTL // Good...