EUVD-2000-0814

Malware in sbrugna...

ZOHO ManageEngine ADManager Plus 权限许可和访问控制问题漏洞

ZOHO ManageEngine ADManager Plus is a suite of Microsoft Active Directory management software from ZOHO, Inc. designed for enterprise users using Windows domains. The software assists AD administrators and helpdesk technicians with day-to-day administrative tasks, such as batch management of user...

CVE-2022-35865

This vulnerability allows remote attackers to execute arbitrary code on affected installations of BMC Track-It! 20.21.2.109. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authorization of HTTP requests. The issue results from the lack of...

Odoo OAuth Session Hijacking Vulnerability

Odoo formerly known as OpenERP is a product of the Belgian company Odoo, an Enterprise Resource Planning ERP and Customer Relationship Management CRM system; Odoo Community Edition is its Community Edition; Odoo Enterprise Edition is its Enterprise Edition; the OAuth module is one of the Open Web...

Brother Devices - Authentication Bypass / Password Change Exploit

Most of Brother devices web authorization can be bypassed through a trivial bug in the login process. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Brother MFC-J6520DW Password Change Authentication Bypass

ASCII hex -- md5 e.g. AuthCookie=c243a9ee18a9327bfd419f31e75e71c7 for 'test' password This information can be used to crack current password from exported cookie. Fix: Minimize network access to Brother MFC device or disable HTTPS interface. Confirmed vulnerable: MFC-J6973CDW MFC-J4420DW MFC-8710...

Brother MFC-J6520DW - Authentication Bypass / Password Change

ASCII hex -- md5 e.g. AuthCookie=c243a9ee18a9327bfd419f31e75e71c7 for 'test' password This information can be used to crack current password from exported cookie. Fix: Minimize network access to Brother MFC device or disable HTTPS interface. Confirmed vulnerable: MFC-J6973CDW MFC-J4420DW MFC-8710...

Checkpoint VPN-1 Edge crossite scripting

Crossite scriptign with web authorization page...

Multiple buffer-overflow in NowSMS v2007.06.27

Luigi Auriemma Application: Now SMS/MMS Gateway http://www.nowsms.com Versions: = v2007.06.27 Platforms: Windows Bugs: A web authorization buffer-overflow B SMPP buffer-overflow Exploitation: remote Date: 19 Feb 2008 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introducti...

SureCom EP-9510AXEP-4504AX Network Device - Malformed Web Authorisation Request Denial of Service (1)

SureCom EP-9510AXEP-4504AX Network Device - Malformed Web Authorisation Request Denial of Service 1 source: https://www.securityfocus.com/bid/9795/info An issue in the handling of specific web requests by SureCom network devices has been identified. By placing a malformed request to the web...

CVE-2000-0827

Buffer overflow in the web authorization form of Mobius DocumentDirect for the Internet 1.2 allows remote attackers to cause a denial of service or execute arbitrary commands via a long username...