EUVD-2026-11706

The Honeywell IQ4x building management controller, exposes its full web-based HMI without authentication in its factory-default configuration. With no user module configured, security is disabled by design and the system operates under a System Guest level 100 context, granting read/write...

CVE-2018-11018

An issue was discovered in PbootCMS v1.0.7. Cross-site request forgery CSRF vulnerability in apps/admin/controller/system/RoleController.php allows remote attackers to add administrator accounts via admin.php/role/add.html...