Jettweb PHP Hazir Haber Sitesi Scripti SQL注入漏洞

Jettweb PHP Preconfigured News Sites Script is a content management system developed by the Turkish company Jettweb. Version V1 of the Jettweb PHP Preconfigured News Sites Script has a SQL injection vulnerability. This vulnerability stems from the cid parameter, which allows for SQL injections. I...

Jettweb PHP Hazir Haber Sitesi Scripti SQL注入漏洞

Jettweb PHP Preconfigured News Sites Script is a content management system developed by the Turkish company Jettweb. The Jettweb PHP Preconfigured News Sites Script V3 version has a SQL injection vulnerability. This vulnerability stems from the q parameter, which allows for SQL injections. It cou...

CVE-2023-37225

Pexip Infinity before 32 allows Webapp1 XSS via preconfigured links...

Moodle Security Breach

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. A security vulnerability exists in Moodle that stems from an action in the administrator's preconfigured tool that does not contain th...

PT-2024-40446 · Packagist · Silverstripe/Framework

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned Description: The issue allows extraction of pre-configured database or default admin account passwords by viewing the source of the page and inspecting the value property of the password fields when...

CVE-2023-37225

Pexip Infinity before 32 allows Webapp1 XSS via preconfigured links...

Design/Logic Flaw

Pexip Infinity before 32 allows Webapp1 XSS via preconfigured links...

PT-2023-25844 · Pexip · Pexip Infinity

Name of the Vulnerable Software and Affected Versions: Pexip Infinity versions prior to 32 Description: The issue allows for Webapp1 XSS via preconfigured links. Recommendations: For versions prior to 32, update to version 32 or later to resolve the issue...

CVE-2023-37225

Pexip Infinity before 32 allows Webapp1 XSS via preconfigured links...

CVE-2022-40602

A flaw in the Zyxel LTE3301-M209 firmware verisons prior to V1.00ABLG.6C0 could allow a remote attacker to access the device using an improper pre-configured password if the remote administration feature has been enabled by an authenticated administrator...

CVE-2022-30270

The Motorola ACE1000 RTU through 2022-05-02 has default credentials. It exposes an SSH interface on port 22/TCP. This interface is used for remote maintenance and for SFTP file-transfer operations that are part of engineering software functionality. Access to this interface is controlled by 5...

Motorola Solutions ACE1000 授权问题漏洞

The Motorola Solutions ACE1000 is a Remote Terminal Unit RTU from Motorola USA. The Motorola Solutions ACE1000 RTU version suffers from an authorization issue vulnerability that stems from the fact that the affected product's SSH service is controlled by five pre-configured accounts, all of which...

PT-2022-11711 · Riverbed · Steelcentral Appinternals Dynamic Sampling Agent

Name of the Vulnerable Software and Affected Versions: SteelCentral AppInternals Dynamic Sampling Agent DSA affected versions not specified Description: A security issue was found in the SteelCentral AppInternals Dynamic Sampling Agent DSA, where it uses a ".debug command.config" file to store a...

CVE-2020-10269

One of the wireless interfaces within MiR100, MiR200 and possibly according to the vendor other MiR fleet vehicles comes pre-configured in WiFi Master Access Point mode. Credentials to such wireless Access Point default to well known and widely spread SSID MiRRXXXX and passwords omitted. This...

Inherent Risks of Using the Intelligent Platform Management Interface (IPMI) on the Lenovo System x Integrated Management Module (IMM), Integrated Management Module II (IMM2) and ThinkServer TSM - us

Lenovo Security Advisory: LEN-10617 Potential Impact: Access to systems through IPMI if default settings are not changed Severity: High Scope of Impact: Industry-Wide CVE Identifiers: CVE-2013-4037, CVE-2013-4031 Summary Description: Various risks with the industry-standard Intelligent Platform...

Quantum Scalar i500, Dell ML6000 and IBM TS3310 tape libraries web interface and preconfigured password vulnerabilities

Overview Cross scripting and preconfigured password vulnerabilities have been reported to exist in the Quantum Scalar i500, Dell ML6000 and IBM TS3310 tape libraries. Description Quantum Scalar i500, Dell ML6000 and IBM TS3310 enterprise tape libraries contain multiple web interface and...