14 matches found
EUVD-2026-39591
Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and prior have a predictable registration ID derived from IMEI. The enrollment system lacks additional authentication before assignment. If an attacker is able to obtain the registration ID, they would be able to arbitrarily...
CVE-2026-9219
Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and prior have a predictable registration ID derived from IMEI. The enrollment system lacks additional authentication before assignment. If an attacker is able to obtain the registration ID, they would be able to arbitrarily...
CVE-2026-9219
CVE-2026-9219 affects the Setracker2 Android Companion App (package com.tgelec.setracker) up to version 3.1.5. The root cause is a predictable registration ID derived from IMEI and an enrollment system that lacks additional authentication before assignment. If an attacker can obtain the registrat...
CVE-2025-8018
A vulnerability was found in code-projects Food Ordering Review System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /user/reservationpage.php. The manipulation of the argument regId leads to sql injection. The attack can be launched...
CVE-2025-4466
A vulnerability was found in itsourcecode Gym Management System 1.0. It has been classified as critical. This affects an unknown part of the file /ajax.php?action=savepayment. The manipulation of the argument registrationid leads to sql injection. It is possible to initiate the attack remotely. T...
itsourcecode Gym Management System 注入漏洞
itsourcecode Gym Management System is an itsourcecode open source gym management system. An injection vulnerability exists in itsourcecode Gym Management System version 1.0, which originates from SQL injection due to the operation of the registrationid parameter in the file...
CVE-2024-2686
A vulnerability has been found in Campcodes Online Job Finder System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/applicants/controller.php. The manipulation of the argument JOBREGID leads to cross site scripting. The attack can be initiated...
CVE-2023-35837
An issue was discovered in SolaX Pocket WiFi 3 through 3.001.02. Authentication for web interface is completed via an unauthenticated WiFi AP. The administrative password for the web interface has a default password, equal to the registration ID of the device. This same registration ID is used as...
PT-2024-12514 · Solax · Solax Pocket Wifi
Name of the Vulnerable Software and Affected Versions: SolaX Pocket WiFi versions 3 through 3.001.02 Description: An issue was discovered where authentication for the web interface is completed via an unauthenticated WiFi AP. The administrative password for the web interface has a default passwor...
Acoustica Pianissimo 1.0 Build 12 (Registration ID) Buffer Overflow PoC
The vulnerability is caused due to a boundary error in the processing of a user input in the registration id field of the registration procedure, which can be exploited to cause a buffer overflow when a user inserts long array of string for the ID. Successful exploitation could allow execution of...
Acoustica Pianissimo 1.0 Build 12 Buffer Overflow
Acoustica Pianissimo 1.0 Build 12 Registration ID Buffer Overflow PoC Vendor: Acoustica, Inc. Product web page: http://www.acoustica.com Affected version: 1.0 Build 12 Summary: Pianissimo virtual piano uses a combination of sample playback and advanced physical modeling to create a stunning...
Acoustica Pianissimo 1.0 Build 12 (Registration ID) Buffer Overflow PoC
Summary Pianissimo virtual piano uses a combination of sample playback and advanced physical modeling to create a stunning acoustic grand piano sound. Starting with 250 MB of high quality samples of a Steinway™ Model D grand piano, Pianissimo uses complex signal processing and programming to...
CVE-2013-6973
Cisco WebEx Training Center is affected by CVE-2013-6973 due to improper handling of inputs, allowing remote attackers to discover other users’ registration IDs via a crafted URL. The vulnerability enables unauthenticated information disclosure and is detailed in Cisco’s advisory Cisco-SA-2013121...
Cisco WebEx Training Center Registration ID Exposure Vulnerability
A vulnerability in Cisco WebEx Training Center could allow an unauthenticated, remote attacker to gather the registration ID of other users. The vulnerability is due to inappropriate disclosure of sensitive information to unauthenticated users. An attacker could exploit this vulnerability by...