CVE-2019-19832

Xerox AltaLink C8035 printers allow CSRF. A request to add users is made in the Device User Database form field to the xerox.set URI. The frmUserName value must have a unique name...

Logic flaw vulnerability in the electronic document security management system of Beijing Yisaitong Technology Development Co., Ltd (CNVD-2023-96198)

Beijing Yisetong Technology Development Co., Ltd. is a domestic data security, network security and security services provider of three major business. The electronic document security management system of Beijing Yisetong Technology Development Co., Ltd. has a logic flaw vulnerability, which can...

Logic Flaw Vulnerability in 5MP Network Camera of Zhejiang YUV Technology Co.

Zhejiang YUVE Technology Co. Ltd. is a global provider of AIoT products, solutions and full-stack capabilities. A logic flaw vulnerability exists in the 5MP Network Camera of Zhejiang YUV Technology Co. Ltd, which can be exploited by an attacker to arbitrarily add users...

CGI - mailnews.cgi vulnerability...

Hello BuGReaders... Script: mailnews.cgi Introduction: cat from source CGI-Script MAILNEWS 1.3 This script helps you to maintain a mailinglist. /cat Tested Version: 1.1, 1.3 Author dont parse some characters and he use very stupid "password protection". We can add or delete users from maillist...