EUVD-2024-17348

Malicious code in bioql PyPI...

CVE-2024-1608

In OPPO Usercenter Credit SDK, there's a possible escalation of privilege due to loose permission check, This could lead to application internal information leak w/o user interaction...

CVE-2024-1608

In OPPO Usercenter Credit SDK, there's a possible escalation of privilege due to loose permission check, This could lead to application internal information leak w/o user interaction...

Design/Logic Flaw

In OPPO Usercenter Credit SDK, there's a possible escalation of privilege due to loose permission check, This could lead to application internal information leak w/o user interaction...

CVE-2024-1608 OPPO Usercenter Credit sdk

In OPPO Usercenter Credit SDK, there's a possible escalation of privilege due to loose permission check, This could lead to application internal information leak w/o user interaction...

CVE-2024-1608 OPPO Usercenter Credit sdk

In OPPO Usercenter Credit SDK, there's a possible escalation of privilege due to loose permission check, This could lead to application internal information leak w/o user interaction...

CVE-2024-1608

The CVE affects OPPO Usercenter Credit SDK. The vulnerability is a privilege escalation caused by a loose permission check in the SDK, which can lead to an internal information leak without user interaction. Public details consistently describe the issue but do not specify affected versions, vuln...

PT-2024-18168 · Oppo · Oppo Usercenter Credit Sdk

Name of the Vulnerable Software and Affected Versions: OPPO Usercenter Credit SDK affected versions not specified Description: The issue is related to a possible escalation of privilege due to loose permission check in the OPPO Usercenter Credit SDK. This could lead to an application internal...

OPPO Usercenter Credit SDK Security Vulnerability

OPPO Usercenter Credit SDK is a software development toolset for user credit centers from OPPO Guangdong Mobile Communications OPPO, China. A security vulnerability exists in OPPO Usercenter Credit SDK, which stems from lax privilege checking, resulting in an elevation of privilege vulnerability...

SiteServer 3.6.4 /UserCenter/Platform/user.aspx SQL注入漏洞

No description provided by source...

SiteServer CMS UserCenter/login. aspx page the user name at sql injection-vulnerability warning-the black bar safety net

After testing spike the latest of the 3. Version 5 stieserver official website:www. siteserver. cn EXP: Direct access to the UserCenter/login. aspx The username at the input: 1 2 3'insert into bairongAdministratorUserName,Password,PasswordFormat,PasswordSalt...

SiteServer CMS 0Day-vulnerability warning-the black bar safety net

After testing spike the latest of the 3. Version 5 stieserver official website:www. siteserver. cn EXP: Direct access to the UserCenter/login. aspx The username at the input: 1 2 3'insert into bairongAdministratorUserName,Password,PasswordFormat,PasswordSalt...

SiteServer 3.4. 4 latest SQL injection 0day-vulnerability warning-the black bar safety net

In these days to see a station when found this CMS, the online publication of some of the vulnerability, no specific version, But in My in 3. 4. 4 on the actual test when found to be invalid, specifically for this purpose go to the official website a copy of the latest edition, Looked at it and...

SiteServer 3.4.4 logical vulnerabilities lead to SQL injection-vulnerability warning-the black bar safety net

Author: blue girl The problem is in the UserCenter. Pages. DLL in the Register, the registration process is logical to have problems, as follows: 1. The program put the user name into the database query, if the user name is not repeated, into the second step; 2. Then in the remote detection of th...

SiteServer CMS registration upload exploit-vulnerability warning-the black bar safety net

SiteServer CMS 网站 内容管理系统 是 基于 微软 .NET platform development of web content management system, which integrates the content release management, MultiSite management, timing, content acquisition, timing generation, multi-server publishing, search engine optimization, traffic statistics and many othe...

Flying Forum personal space XSS vulnerability-vulnerability warning-the black bar safety net

Article author: knowledge seekers Version: ftbbs v7. 1static installation versionseems to be the latest Vulnerable page: usercenter. asp The vulnerability occurs in the blogmid filter is not strict lead to blogmid=Checkstrrequest. form"blogmid" if blogmid"" then sql="update "&ft&"clubuser set...

CVE-2006-5303

Secure Computing SafeWord RemoteAccess 2.1 allows local users to obtain the UserCenter webportal password, database encryption keys, and signing keys by reading 1 base-64 encoded data in SERVERS\Web\Tomcat\usercenter\WEB-INF\login.conf and 2 plaintext data in SERVERS\Shared\signers.cfg. NOTE: the...