WordPress plugin Membership Plugin – Restrict Content 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

Adikiss System Information Announcement System for Online Graduation: Cross-site Request Forgery Vulnerability

Adikiss Sistem Informasi Pengumuman Kelulusan Online is a campus information system developed by Adikiss Corporation. Version 1.0 of Adikiss Sistem Informasi Pengumuman Kelulusan Online contains a cross-site request forgeing vulnerability. This vulnerability stems from the tambahuser.php endpoint...

KiloView Encoder Series Access Control Vulnerability

The KiloView Encoder Series is a series of electronic encoders developed by the British company KiloView. The KiloView Encoder Series contains an access control vulnerability; this vulnerability stems from the lack of authentication for critical functions. This allows unauthorized attackers to...

Palo Alto Networks PAN-OS 安全漏洞

Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks, Inc. for its firewall appliances. A security vulnerability exists in Palo Alto Networks PAN-OS that originates from an unauthorized administrator potentially viewing plaintext data...

VulnCheck KEV: CVE-2023-22515

Atlassian Confluence Data Center and Server contains a broken access control vulnerability that allows an attacker to create unauthorized Confluence administrator accounts and access Confluence...

Cisco FXOS Software Unauthorized Administrator Account (cisco-sa-20180620-nxosadmin)

According to its self-reported version, a improper file handling vulnerability exists in Cisco FX-OS Software. Therefore, an authenticated, local attacker can exploit this via CLI commands to create a unauthorized account with administrator privilages that does not require a password for...

Improper access control

VMware AirWatch Console AWC contains a Broken Access Control vulnerability. Successful exploitation of this issue could result in end-user device details being disclosed to an unauthorized administrator...

VMware AirWatch Console updates address Broken Access Control vulnerability.

VMware AirWatch Console AWC Broken Access Control VMware AirWatch Console AWC contains a Broken Access Control vulnerability. Successful exploitation of this issue could result in end-user device details being disclosed to an unauthorized administrator. The Common Vulnerabilities and Exposures...

Symantec Messaging Gateway 9.5.3-3 Cross Site Request Forgery

======= Summary ======= Name: Symantec Messaging Gateway - Easy CSRF to add a backdoor-administrator for example Release Date: 30 November 2012 Reference: NGS00263 Discoverer: Ben Williams Vendor: Symantec Vendor Reference: Systems Affected: Symantec Messaging Gateway 9.5.3-3 Risk: High Status:...