CVE-2025-11671

Uniweb/SoliPACS WebServer developed by EBM Technologies has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access a specific page to obtain information such as account names and IP addresses...

CVE-2024-9922

CVE-2024-9922 affects TeamPlus Team+ (TEAMPLUS TECHNOLOGY). The vulnerability arises from improper validation of a specific page parameter, enabling unauthenticated remote attackers to read arbitrary system files via path traversal. Documents consistently describe this as an arbitrary file read i...

CVE-2024-8776 INTUMIT SmartRobot - Cross-site Scripting

SmartRobot from INTUMIT does not properly validate a specific page parameter, allowing unautheticated remote attackers to inject JavaScript code to the parameter for Reflected Cross-site Scripting attacks...

CVE-2024-4301

N-Reporter and N-Cloud (N-Partner) are affected by CVE-2024-4301 through an OS command injection vulnerability that allows remote attackers with low privileges to execute arbitrary system commands by manipulating inputs on a specific page. The vulnerability is described across multiple sources; N...

TOTOLINK A3300R 安全漏洞

TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3300R version V17.0.0cu.557B20221024 suffers from an Access Control Error vulnerability that stems from incorrect access control. An attacker can exploit the vulnerability to reset multiple critical passwor...

PT-2022-17418 · Unknown · Identity Manager

Name of the Vulnerable Software and Affected Versions: Identity Manager affected versions not specified Description: An unauthenticated user can access specific page URLs of Identity Manager's management console. However, the system does not allow the user to carry out server-side tasks without a...

How to disable the static object cache for specific page of VPN Vserver

...

CVE-2020-3921

UltraLog Express device management software stores user’s information in cleartext. Any user can obtain accounts information through a specific page...

CVE-2020-3921

UltraLog Express device management software stores user’s information in cleartext. Any user can obtain accounts information through a specific page...

CVE-2020-3921 Unisoon UltraLog Express - Sensitive Data Exposure

UltraLog Express device management software stores user’s information in cleartext. Any user can obtain accounts information through a specific page...

PT-2020-17797 · Ultralog · Ultralog Express

Name of the Vulnerable Software and Affected Versions: UltraLog Express device management software affected versions not specified Description: The issue concerns the storage of user information in cleartext by the UltraLog Express device management software. This allows any user to obtain accoun...

CVE-2018-17918

Circontrol CirCarLife all versions prior to 4.3.1, authentication to the device can be bypassed by entering the URL of a specific page...