188 matches found
PT-2025-47203
Name of the Vulnerable Software and Affected Versions itsourcecode Web-Based Internet Laboratory Management System version 1.0 Description A flaw exists in itsourcecode Web-Based Internet Laboratory Management System 1.0. The issue impacts an unknown function within the /user/controller.php file...
CVE-2025-12351
Honeywell S35 Series Cameras contains an authorization bypass Vulnerability through User controller key. An attacker could potentially exploit this vulnerability, leading to Privilege Escalation to admin privileged functionalities . Honeywell also recommends updating to the most recent version of...
CVE-2025-12351
Honeywell S35 Series Cameras contains an authorization bypass Vulnerability through User controller key. An attacker could potentially exploit this vulnerability, leading to Privilege Escalation to admin privileged functionalities . Honeywell also recommends updating to the most recent version of...
EUVD-2025-36196
Honeywell S35 Series Cameras contains an authorization bypass Vulnerability through User controller key. An attacker could potentially exploit this vulnerability, leading to Privilege Escalation to admin privileged functionalities . Honeywell also recommends updating to the most recent version of...
CVE-2025-12351 Inadequate access control measure allows unauthorized users to access restricted administrative functions
Honeywell S35 Series Cameras contains an authorization bypass Vulnerability through User controller key. An attacker could potentially exploit this vulnerability, leading to Privilege Escalation to admin privileged functionalities . Honeywell also recommends updating to the most recent version of...
CVE-2025-12351 Inadequate access control measure allows unauthorized users to access restricted administrative functions
Honeywell S35 Series Cameras contains an authorization bypass Vulnerability through User controller key. An attacker could potentially exploit this vulnerability, leading to Privilege Escalation to admin privileged functionalities . Honeywell also recommends updating to the most recent version of...
PT-2025-43970
Name of the Vulnerable Software and Affected Versions Honeywell S35 Series Cameras versions prior to 2025.08.28 Pinhole/Kit Camera Honeywell S35 Series Cameras versions prior to 2025.08.22 AI Fisheye & Dual Sensor/Micro Dome/Full Color Eyeball & Bullet Camera Honeywell S35 Series Cameras versions...
Honeywell S35 Series 安全漏洞
Honeywell S35 Series is a series of cameras from Honeywell USA. A security vulnerability exists in the Honeywell S35 Series that stems from an authorization bypass of the user controller key, which could result in elevated privileges...
CVE-2025-11406 kaifangqian kaifangqian-base SysUserController.java getAllUsers information disclosure
A security flaw has been discovered in kaifangqian kaifangqian-base up to 7b3faecda13848b3ced6c17c7423b76c5b47b8ab. This issue affects the function getAllUsers of the file kaifangqian-parent/kaifangqian-system/src/main/java/com/kaifangqian/modules/system/controller/SysUserController.java. The...
CVE-2025-11406 kaifangqian kaifangqian-base SysUserController.java getAllUsers information disclosure
A security flaw has been discovered in kaifangqian kaifangqian-base up to 7b3faecda13848b3ced6c17c7423b76c5b47b8ab. This issue affects the function getAllUsers of the file kaifangqian-parent/kaifangqian-system/src/main/java/com/kaifangqian/modules/system/controller/SysUserController.java. The...
EUVD-2025-32889
A security flaw has been discovered in kaifangqian kaifangqian-base up to 7b3faecda13848b3ced6c17c7423b76c5b47b8ab. This issue affects the function getAllUsers of the file kaifangqian-parent/kaifangqian-system/src/main/java/com/kaifangqian/modules/system/controller/SysUserController.java. The...
CVE-2025-11406
CVE-2025-11406 affects kaifangqian-base; the flaw is in SysUserController.getAllUsers (kaifangqian-parent/kaifangqian-system/src/main/java/com/kaifangqian/modules/system/controller/SysUserController.java). It enables information disclosure via remote manipulation; exploits have been released publ...
EUVD-2019-0594
Malware in sbrugna...
EUVD-2025-25427
Malicious code in bioql PyPI...
CVE-2025-11078 itsourcecode Open Source Job Portal controller.php unrestricted upload
A vulnerability was identified in itsourcecode Open Source Job Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/user/controller.php?action=photos. The manipulation of the argument photo leads to unrestricted upload. The attack is possible to be carried out...
CVE-2025-0077
In multiple functions of UserController.java, there is a possible lock screen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-0077
In multiple functions of UserController.java, there is a possible lock screen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-0077
In multiple functions of UserController.java, there is a possible lock screen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-0077
In multiple functions of UserController.java, there is a possible lock screen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-55366
Incorrect access control in the component \controller\UserController.java of jshERP v3.5 allows attackers to arbitrarily reset user account passwords and execute a horizontal privilege escalation attack...