2 matches found
CVE-2026-39848 Dockyard's Unauthenticated Cron Endpoint in Dockyard Enables Container Enumeration and Database Manipulation
Dockyard is a Docker container management app. Prior to 1.1.0, Docker container start and stop operations are performed through GET requests without CSRF protection. A remote attacker can cause a logged-in administrator's browser to request /apps/action.php?action=stop&name= or...
CVE-2024-47902
A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber All versions V8.2.12, InterMesh 7707 Fire Subscriber All versions V7.2.12 only if the IP interface is enabled which is not the default configuration. The web server of affected devices does not authenticate GET requests...