CVE-2024-5009 WhatsUp Gold SetAdminPassword Improper Access Control Privilege Escalation Vulnerability

In WhatsUp Gold versions released before 2023.1.3, an Improper Access Control vulnerability in Wug.UI.Controllers.InstallController.SetAdminPassword allows local attackers to modify admin's password...

CVE-2024-5009 WhatsUp Gold SetAdminPassword Improper Access Control Privilege Escalation Vulnerability

In WhatsUp Gold versions released before 2023.1.3, an Improper Access Control vulnerability in Wug.UI.Controllers.InstallController.SetAdminPassword allows local attackers to modify admin's password...

Progress Software WhatsUp Gold Security Vulnerability

Progress Software WhatsUp Gold is a network monitoring software from Progress Software, Inc. It is used to monitor the entire network infrastructure as well as applications, configurations and network traffic. A security vulnerability exists in Progress Software WhatsUp Gold version 2023.1.3, whi...

CVE-2020-26942

An issue discovered in Axigen Mail Server 10.3.x before 10.3.1.27 and 10.3.2.x before 10.3.3.1 allows unauthenticated attackers to submit a setAdminPassword operation request, subsequently setting a new arbitrary password for the admin account...

Cross site request forgery (csrf)

An issue discovered in Axigen Mail Server 10.3.x before 10.3.1.27 and 10.3.2.x before 10.3.3.1 allows unauthenticated attackers to submit a setAdminPassword operation request, subsequently setting a new arbitrary password for the admin account...

PT-2024-10803 · Axigen · Axigen Mail Server

Name of the Vulnerable Software and Affected Versions: Axigen Mail Server versions 10.3.x through 10.3.1.26 Axigen Mail Server versions 10.3.2.x through 10.3.2.x Description: An issue in Axigen Mail Server allows unauthenticated attackers to submit a setAdminPassword operation request, setting a...

Quest DR Series Disk Backup Software Command Injection Vulnerability (CNVD-2018-15868)

The Quest DR Series are disk storage and deduplication appliances. A command injection vulnerability exists in the 'updatepw' and 'setAdminPassword' methods in versions of Quest DR Series disk backup software prior to version 4.0.3.1. An attacker can exploit this vulnerability to execute arbitrar...