14 matches found
CVE-2024-39864
The CloudStack integration API service allows running its unauthenticated API server usually on port 8096 when configured and enabled via integration.api.port global setting for internal portal integrations and for testing purposes. By default, the integration API service port is disabled and is...
CVE-2024-31204
mailcow: dockerized is an open source groupware/email suite based on docker. A security vulnerability has been identified in mailcow affecting versions prior to 2024-04. This vulnerability resides in the exception handling mechanism, specifically when not operating in DEVMODE. The system saves...
CVE-2020-14275
Security vulnerability in HCL Commerce 9.0.0.5 through 9.0.0.13, 9.0.1.0 through 9.0.1.14 and 9.1 through 9.1.4 could allow denial of service, disclosure of user personal data, and performing of unauthorized administrative operations...
Siemens SCALANCE X-200, XR300-WG 3.0 and 3.1 RCDP Triggered Unauthorized Administrative Actions
Binary data 720205.prm...
CVE-2017-12736
After initial configuration, the Ruggedcom Discovery Protocol RCDP is still able to write to the device under certain conditions. This could allow an attacker located in the adjacent network of the targeted device to perform unauthorized administrative actions...
CVE-2017-12736
After initial configuration, the Ruggedcom Discovery Protocol RCDP is still able to write to the device under certain conditions. This could allow an attacker located in the adjacent network of the targeted device to perform unauthorized administrative actions...
Siemens Ruggedcom WIN Vulnerability
OVERVIEW IOActive has coordinated with Siemens regarding multiple vulnerabilities in the Ruggedcom WIN firmware. Siemens has produced firmware updates that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely if there is network access to the affected service. AFFECT...
GSC Client 1.00 2067 - Privilege Escalation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29718/info GSC Client is prone to a privilege-escalation vulnerability because it fails to sufficiently validate administrator credentials. An attacker can exploit this vulnerability to perform unauthorized administrative...
WAGO Multiple Remote Vulnerabilities
WAGO is prone to multiple security vulnerabilities, including: 1. A security-bypass vulnerability 2. Multiple information-disclosure vulnerabilities 3. A cross-site request forgery vulnerability Successful attacks can allow an attacker to obtain sensitive information, bypass certain security...
GSC Client 1.00 2067 - Privilege Escalation
GSC Client 1.00 2067 - Privilege Escalation source: https://www.securityfocus.com/bid/29718/info GSC Client is prone to a privilege-escalation vulnerability because it fails to sufficiently validate administrator credentials. An attacker can exploit this vulnerability to perform unauthorized...
GSC Client 1.00 2067 - Privilege Escalation
source: https://www.securityfocus.com/bid/29718/info GSC Client is prone to a privilege-escalation vulnerability because it fails to sufficiently validate administrator credentials. An attacker can exploit this vulnerability to perform unauthorized administrative actions; other attacks are also...
Authentication flaw
1 admin/adminlien.php3 and 2 admin/modif.php3 in liensdynamiques 2.1 do not require authentication, which allows remote attackers to perform unauthorized administrative actions using a direct request...
CVE-2007-0261
snews.php in sNews 1.5.30 and earlier does not properly exit when authentication fails, which allows remote attackers to perform unauthorized administrative actions, as demonstrated by changing an administrative password via the changeup task, and by uploading PHP code via the imagefile parameter...
CVE-2006-6785
The 1 settings.php and 2 subscribers.php scripts in Open Newsletter 2.5 and earlier do not exit when authentication fails, which allows remote attackers to perform unauthorized administrative actions, or execute arbitrary code in conjunction with another vulnerability...