Verydows 安全漏洞

Verydows is a lightweight open source e-commerce management system developed using the PHP language. A security vulnerability exists in version 2.0 of verydows, which stems from an improper privilege setting that could allow a remote attacker to execute arbitrary code...

Polycom RealPresence Group 500 安全漏洞

Polycom RealPresence Group 500 is a video conferencing endpoint device from Polycom USA that is primarily used for video communication in conference rooms and other scenarios. A security vulnerability exists in Polycom RealPresence Group 500 version 20 and prior versions, which stems from the...

Toshiba e-STUDIO Security Vulnerability

Toshiba e-STUDIO is a series of high-end office multifunction printers from Toshiba Japan. A security vulnerability exists in Toshiba e-STUDIO, which originates from improper privilege settings in some programs, which can be used to execute arbitrary code on the multifunction device by hijacking...

Toshiba e-STUDIO Security Vulnerability

Toshiba e-STUDIO is a series of high-end office multifunction printers from Toshiba Japan. A security vulnerability exists in Toshiba e-STUDIO, which originates from improper privilege settings in some programs, which can be used to execute arbitrary code on the multifunction device by hijacking...

Toshiba e-STUDIO Security Vulnerability

Toshiba e-STUDIO is a series of high-end office multifunction printers from Toshiba Japan. A security vulnerability exists in Toshiba e-STUDIO, which originates from improper privilege settings in some programs, which can be used to execute arbitrary code on the multifunction device by hijacking...

Toshiba e-STUDIO Security Vulnerability

Toshiba e-STUDIO is a series of high-end office multifunction printers from Toshiba Japan. A security vulnerability exists in Toshiba e-STUDIO, which originates from improper privilege settings in some programs, which can be used to execute arbitrary code on the multifunction device by hijacking...

Toshiba e-STUDIO Security Vulnerability

Toshiba e-STUDIO is a series of high-end office multifunction printers from Toshiba Japan. A security vulnerability exists in Toshiba e-STUDIO, which originates from improper privilege settings in some programs, which can be used to execute arbitrary code on the multifunction device by hijacking...

Toshiba e-STUDIO Security Vulnerability

Toshiba e-STUDIO is a series of high-end office multifunction printers from Toshiba Japan. A security vulnerability exists in Toshiba e-STUDIO, which originates from improper privilege settings in some programs, which can be used to execute arbitrary code on the multifunction device by hijacking...

IBM Robotic Process Automation has an unspecified vulnerability (CNVD-2023-05471)

IBM Robotic Process Automation is a robotic process automation product from International Business Machines IBM, Inc. can help you automate more business and IT processes at scale with the ease and speed of traditional RPA.IBM Robotic Process Automation for IBM Cloud Pak has a security...

ZTE OTCP Privilege and Access Control Vulnerability

ZTE OTCP is a set of next-generation network management platform products from ZTE Corporation ZTE in China. ZTE OTCP has a privilege and access control vulnerability, which originates from improper privilege settings and can be exploited by attackers to maliciously delete and modify files...

ZTE ZXHN H168N 信息泄露漏洞

The ZTE ZXHN H168N is a router from China's ZTE Corporation ZTE. The ZTE ZXHN H168N 3.5.0EG1T4TE suffers from an information disclosure vulnerability that originates from improper privilege settings, which can be exploited by an attacker with normal user privileges to obtain some sensitive user...

Issue of Access Control Failure in Groupmax Scheduler Server

Overview Groupmax Scheduler Server contains a vulnerability in which access privilege settings can be rendered invalid. Impact An unauthorized user may gain access to the Groupmax Scheduler Server. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take...

CVE-2007-0192

Cross-site request forgery CSRF vulnerability in the savemain operation in the adperms section in admin.php in MKPortal allows remote attackers to modify privilege settings, as demonstrated using a getURL of admin.php within a .swf file contained in an IFRAME element, aka the "All Guests are Admi...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the savemain operation in the adperms section in admin.php in MKPortal allows remote attackers to modify privilege settings, as demonstrated using a getURL of admin.php within a .swf file contained in an IFRAME element, aka the "All Guests are Admi...

CVE-2007-0192

The CVE-2007-0192 CSRF vulnerability affects MKPortal’s admin.php in the save_main operation (ad_perms) where an attacker can induce privilege changes. The issue is exposed via a crafted getURL in a .swf loaded in an IFRAME, enabling remote modification of privilege settings (All Guests are Admin...