PT-2021-18641 · Unknown · Network Camera Device

Name of the Vulnerable Software and Affected Versions: Network camera device affected versions not specified Description: The issue concerns the manage users profile services of the network camera device, which allows an authenticated remote attacker to modify URL parameters and amend a user's...

CmsEasy_5.5_UTF-8_20150620任意用户密码修改(最新webscan失效方法)

简要描述： cmseasy 任意用户密码修改，6.20号最新的补丁，个人觉得，cmseasy的工作人员，分析问题思路有问题，而且都是掩耳盗铃的修补方法，最后一次发cmseasy漏洞了，已经无法解救了，直接开除吧，其实这个之前在360发过，但是看到最新补丁描述，说是已经修复，但是从修复的效果看，等于没有修复 详细说明： 文件名：CmsEasy5.5UTF-820150620 先贴上官网给出的修复描述: formact.php: function searchaction iffront::get'keyword' &&!front::post'keyword'...

WordPress QAEngine Theme 1.4 Privilege Escalation

Theme Link: https://www.enginethemes.com/themes/qaengine/ - Vulnerability Description: + 1st Vulnerability: qaengine vulnerability allows an attacker to have an administrator account on the target's website vuln code in /qaengine/includes/aecore/class-ae-users.php: public function insert...