7 matches found
CVE-2025-4633 Default Credentials
Default credentials were present in the web portal for Airpointer 2.4.107-2, allowing an unauthenticated malicious actor to log in via the web portal...
PT-2025-23270
Name of the Vulnerable Software and Affected Versions: Airpointer version 2.4.107-2 Description: The issue concerns default credentials being present in the web portal, allowing an unauthenticated malicious actor to log in via the web portal. Recommendations: For Airpointer version 2.4.107-2,...
CVE-2024-46431
Tenda W18E V16.01.0.81625 is vulnerable to Buffer Overflow. An attacker with access to the web management portal can exploit this vulnerability by sending specially crafted data to the delWewifiPic function...
CVE-2021-27704
Appspace 6.2.4 is affected by Incorrect Access Control via the Appspace Web Portal password reset page...
PT-2023-26536 · Snow · Software License Manager
Name of the Vulnerable Software and Affected Versions: Snow Software license manager versions 8.0.0 through 9.30.1 Description: The issue is related to a blind SQL injection in a service running in the Snow Software license manager. This allows a logged-in user with high privileges to inject SQL...
CVE-2019-3428
The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a configuration error vulnerability. An attacker could directly access the management portal in HTTP, resulting in users’ information leakage...
JVN#11424086: Password Vault Web Access vulnerable to cross-site scripting
Password Vault Web Access PVWA is a module in the Privileged Identity Management Suite that allows access via a web portal. PVWA contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the web browser of an user who is logged on. Solution Apply a patch Apply t...