CVE-2025-26521

When an Apache CloudStack user-account creates a CKS-based Kubernetes cluster in a project, the API key and the secret key of the 'kubeadmin' user of the caller account are used to create the secret config in the CKS-based Kubernetes cluster. A member of the project who can access the CKS-based...

orangescrum 1.8.0 - Privilege escalation (Authenticated) Vulnerability

Exploit Title: orangescrum 1.8.0 - Privilege escalation Authenticated Exploit Author: Hubert Wojciechowski Contact Author: email protected Company: https://redteam.pl Vendor Homepage: https://www.orangescrum.org/ Software Link: https://www.orangescrum.org/ Version: 1.8.0 Tested on: Windows 10 usi...

Design/Logic Flaw

Advantech WebAccess before 8.1 allows remote attackers to read sensitive cleartext information about e-mail project accounts via unspecified vectors...

CVE-2015-3943

Advantech WebAccess before 8.1 allows remote attackers to read sensitive cleartext information about e-mail project accounts via unspecified vectors...

CVE-2015-3943

Advantech WebAccess CVE-2015-3943: An information-disclosure vulnerability in WebAccess versions before 8.1 allows remote attackers to read cleartext data from e-mail project accounts. Connected sources (ICS-CERT advisory ICSA-16-014-01, CNVD entries, NVD record) confirm the root cause involves i...