5 matches found
EUVD-2021-18726
Malware in sbrugna...
EUVD-2021-18727
Malware in sbrugna...
CVE-2025-30351
CVE-2025-30351 affects Directus: real-time API and app dashboard for SQL DB content. From version 10.10.0 up to, but not including, 11.5.0, a suspended user can keep using a token from session auth to access the API because verifySessionJWT does not check that the user is still active. This enabl...
CVE-2024-28134
An unauthenticated remote attacker can extract a session token with a MitM attack and gain web-based management access with the privileges of the currently logged in user due to cleartext transmission of sensitive information. No additional user interaction is required. The access is limited as...
Novell Groupwise 8.0 Webaccess - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/35066/info Novell GroupWise WebAccess is prone to multiple security vulnerabilities. An attacker may leverage these issues to bypass certain security restrictions or conduct cross-site scripting attacks. Note that some of the issues may be related to BID...