Lucene search
K

13 matches found

ATTACKERKB
ATTACKERKB
added 2024/05/03 2:15 a.m.3 views

CVE-2023-32168

D-Link D-View showUser Improper Authorization Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability. The specific flaw exists within the showUser...

8.8CVSS5.8AI score0.01633EPSS
Exploits0References3
OSV
OSV
added 2024/05/03 2:15 a.m.2 views

CVE-2023-32168

D-Link D-View showUser Improper Authorization Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability. The specific flaw exists within the showUser...

8.8CVSS5.8AI score0.01633EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/03 1:56 a.m.22 views

CVE-2023-32168 D-Link D-View showUser Improper Authorization Privilege Escalation Vulnerability

D-Link D-View showUser Improper Authorization Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability. The specific flaw exists within the showUser...

8.8CVSS8.9AI score0.01633EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/03 1:56 a.m.21 views

CVE-2023-32168 D-Link D-View showUser Improper Authorization Privilege Escalation Vulnerability

D-Link D-View showUser Improper Authorization Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability. The specific flaw exists within the showUser...

8.8CVSS8.3AI score0.01633EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/10/06 12:0 a.m.6 views

The vulnerability of the showUser method in the D-View 8 network device management platform allows a hacker to escalate their privileges.

The vulnerability of the “showUser” method in the D-View 8 network device management platform is related to deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker to increase their privileges remotely...

9CVSS7.5AI score0.01452EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/05/26 12:0 a.m.6 views

The vulnerability of the showUser method in the D-View 8 network device management platform allows a hacker to escalate their privileges.

The vulnerability of the showUser method in the D-View 8 network device management platform is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to enhance their privileges remotely...

9CVSS7.6AI score0.01633EPSS
Exploits0References5Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2023/05/24 12:0 a.m.19 views

D-Link D-View showUser Improper Authorization Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability. The specific flaw exists within the showUser method. The issue results from the lack of proper authorization before accessing a...

8.8CVSS6.6AI score0.01633EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/05/17 12:0 a.m.4 views

PT-2023-2873 · D Link · D-Link D-View

Name of the Vulnerable Software and Affected Versions: D-Link D-View affected versions not specified Description: This issue allows remote attackers to escalate privileges on affected installations of D-Link D-View. Authentication is required to exploit this issue. The specific flaw exists within...

9CVSS7AI score0.01633EPSS
Exploits0References7
CVE
CVE
added 2021/02/03 5:55 p.m.53 views

CVE-2019-16268

Zoho ManageEngine Remote Access Plus 10.0.259 is affected by an HTML injection vulnerability in the Admin - User Administration screen (userMgmt.do?actionToCall=ShowUser). The issue concerns the Description field and is documented across multiple sources (NVD, Red Hat advisory, CNVD). No exploit ...

4.8CVSS5.4AI score0.0181EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2021/02/03 12:0 a.m.7 views

ZOHO ManageEngine Remote Access Plus 注入漏洞

ZOHO ManageEngine Remote Access Plus is a remote access solution from ZOHO. An injection vulnerability exists in Zoho ManageEngine Remote Access Plus version 10.0.259, which allows injection of HTML via the Admin - User Administration userMgmt.do?actionToCall=ShowUser field.No detailed Details of...

4.8CVSS5.9AI score0.0181EPSS
Exploits1References3
OSV
OSV
added 2019/08/29 9:15 p.m.3 views

CVE-2019-11363

A SQL injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to execute arbitrary SQL commands via the AgentConsole/UserGroupQuery.php ShowUser parameter...

7.2CVSS6.1AI score0.01108EPSS
Exploits0References1
NVD
NVD
added 2019/08/29 9:15 p.m.21 views

CVE-2019-11363

A SQL injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to execute arbitrary SQL commands via the AgentConsole/UserGroupQuery.php ShowUser parameter...

7.2CVSS7.3AI score0.01108EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/08/29 8:1 p.m.23 views

CVE-2019-11363

A SQL injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to execute arbitrary SQL commands via the AgentConsole/UserGroupQuery.php ShowUser parameter...

7.3AI score0.01108EPSS
Exploits0References1
Rows per page
Query Builder