
407 matches found

Fedora
added 2019/10/01 12:2 a.m., 31 views

[SECURITY] Fedora 31 Update: phpMyAdmin-4.9.1-1.fc31

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, indexes, users, permissions), while you still have the ability to directly...

CVSS 6.5, AI score 1.3, EPSS 0.10556
Exploits: 5

OSV
added 2019/09/05 10:15 p.m., 2 views

CVE-2019-14222

An issue was discovered in Alfresco Community Edition versions 6.0 and lower. An unauthenticated, remote attacker could authenticate to Alfresco's Solr Web Admin Interface. The vulnerability is due to the presence of a default private key that is present in all default installations. An attacker...

CVSS 9.8, AI score 7.3, EPSS 0.03014
Exploits: 1, References: 1

Prion
added 2019/09/05 10:15 p.m., 21 views

Design/Logic Flaw

An issue was discovered in Alfresco Community Edition versions 6.0 and lower. An unauthenticated, remote attacker could authenticate to Alfresco's Solr Web Admin Interface. The vulnerability is due to the presence of a default private key that is present in all default installations. An attacker...

CVSS 7.5, AI score 9.3, EPSS 0.03014
Exploits: 1, References: 1, Affected Software: 1

Cvelist
added 2019/09/05 9:13 p.m., 24 views

CVE-2019-14222

An issue was discovered in Alfresco Community Edition versions 6.0 and lower. An unauthenticated, remote attacker could authenticate to Alfresco's Solr Web Admin Interface. The vulnerability is due to the presence of a default private key that is present in all default installations. An attacker...

AI score 9.4, EPSS 0.03014
Exploits: 1, References: 1

CNVD
added 2019/07/09 12:0 a.m., 1 views

Dynacolor FCM-MB40 Trust Management Issues Vulnerability

Dynacolor FCM-MB40 is an IP camera from Dynacolor, Taiwan, China. A security vulnerability exists in the Dynacolor FCM-MB40 v1.2.0.0, which originates from the program storing web-based administrative credentials in plaintext in /etc/appWeb/appweb.pass. An attacker could exploit the vulnerability...

CVSS 9.8, AI score 6.9, EPSS 0.01644
Exploits: 1, References: 1

OSV
added 2019/06/20 2:15 p.m., 2 views

CVE-2018-16553

In Jspxcms 9.0.0, a vulnerable URL routing implementation allows remote code execution after logging in as web admin...

CVSS 7.2, AI score 6.3, EPSS 0.02583
Exploits: 0, References: 2

NVD
added 2019/06/20 2:15 p.m., 23 views

CVE-2018-16553

In Jspxcms 9.0.0, a vulnerable URL routing implementation allows remote code execution after logging in as web admin...

CVSS 7.2, AI score 7.4, EPSS 0.02583
Exploits: 0, References: 2

Prion
added 2019/06/20 2:15 p.m., 15 views

Remote code execution

In Jspxcms 9.0.0, a vulnerable URL routing implementation allows remote code execution after logging in as web admin...

CVSS 6.5, AI score 7.4, EPSS 0.02583
Exploits: 0, References: 2, Affected Software: 1

Cvelist
added 2019/06/20 1:11 p.m., 19 views

CVE-2018-16553

In Jspxcms 9.0.0, a vulnerable URL routing implementation allows remote code execution after logging in as web admin...

AI score 7.4, EPSS 0.02583
Exploits: 0, References: 2

CNVD
added 2019/05/27 12:0 a.m., 3 views

Percona Server Authorization Issues Vulnerability

Percona Server is an open source relational database management system. An authorization issue vulnerability exists in Percona Server version 5.6.44-85.0-1 Debian and Ubuntu. The vulnerability stems from a lack of authentication measures or insufficient authentication strength in a networked...

CVSS 10, AI score 7.2, EPSS 0.0197
Exploits: 0, References: 1

Hacker One
added 2019/03/24 6:21 p.m., 19 views

50m-ctf: Weak credentials, Blind SQLi, Timing attack, that leads to web admin access

Summary: Discovery of the application: The h1Thermostat application was discovered by extracting the bit.do URL from the image at https://pbs.twimg.com/media/D0XoThpW0AE2r8S.png:large. The URL https://bit.do/h1therm then led to a Google Drive where the Android application file h1thermostat.apk...

AI score 7.5
Exploits: 0

OSV
added 2019/03/21 4:0 p.m., 2 views

CVE-2018-20219

An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below. After successful authentication, the device sends an authentication cookie to the end user such that they can access the device's web administration panel. This token is hard-coded to a string in the source code...

CVSS 8.1, AI score 5.8, EPSS 0.14553
Exploits: 4, References: 3

CNVD
added 2019/01/10 12:0 a.m., 3 views

Cisco Unified Communications Manager Information Disclosure Vulnerability (CNVD-2019-01372)

Cisco Unified Communications Manager is the powerful call processing component of the Cisco Unified Communications solution. It is a scalable, distributable, and highly available enterprise Voice over IP call processing solution. An information disclosure vulnerability exists in the web-based...

CVSS 8.8, AI score 6.4, EPSS 0.01491
Exploits: 0, References: 1

Check Point Advisories
added 2018/11/18 12:0 a.m., 0 views

Mongo Web Admin Information Disclosure

An information disclosure vulnerability exists in Mongo Web Admin. Successful exploitation of this vulnerability could allow a remote attacker to access a restricted file...

AI score 3.1
Exploits: 0

Exploit DB
added 2018/11/05 12:0 a.m., 24 views

Mongo Web Admin 6.0 - Information Disclosure

Exploit Title: Mongo Web Admin 6.0 - Information Disclosure Dork: N/A Date: 2018-11-04 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.mongoadmin.org/ Software Link: https://netix.dl.sourceforge.net/project/mongo-web-admin/mongoDesktopAdminSetup-beta-6.exe Version: 6.0 Category: Webapps...

AI score 7.4
Exploits: 0

exploitpack
added 2018/11/05 12:0 a.m., 15 views

Mongo Web Admin 6.0 - Information Disclosure

Mongo Web Admin 6.0 - Information Disclosure Exploit Title: Mongo Web Admin 6.0 - Information Disclosure Dork: N/A Date: 2018-11-04 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.mongoadmin.org/ Software Link:...

AI score 7.2
Exploits: 0

Packet Storm
added 2018/11/05 12:0 a.m., 154 views

Mongo Web Admin 6.0 Information Disclosure

Exploit Title: Mongo Web Admin 6.0 - Information Disclosure Dork: N/A Date: 2018-11-04 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.mongoadmin.org/ Software Link: https://netix.dl.sourceforge.net/project/mongo-web-admin/mongoDesktopAdminSetup-beta-6.exe Version: 6.0 Category: Webapps...

AI score 7.4
Exploits: 0

CNVD
added 2018/10/24 12:0 a.m., 3 views

Mitel MiVoice Office 400 web admin component cross-site scripting vulnerability

Mitel MiVoice Office 400 is a small and medium-sized business communications solution from Mitel Canada. The product includes features such as video conferencing, voice calls, etc. web admin is one of the web-based management components. A cross-site scripting vulnerability exists in the web admi...

CVSS 6.1, AI score 6.6, EPSS 0.01124
Exploits: 0, References: 1

NVD
added 2018/10/23 9:30 p.m., 10 views

CVE-2018-16226

A vulnerability in the web admin component of Mitel MiVoice Office 400, versions R5.0 HF3 v8839a1 and earlier, could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack, due to insufficient validation for the start.asp page. A successful exploit could allow th...

CVSS 6.1, AI score 6.2, EPSS 0.01124
Exploits: 0, References: 1

Prion
added 2018/10/23 9:30 p.m., 18 views

Cross site scripting

A vulnerability in the web admin component of Mitel MiVoice Office 400, versions R5.0 HF3 v8839a1 and earlier, could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack, due to insufficient validation for the start.asp page. A successful exploit could allow th...

CVSS 4.3, AI score 6.1, EPSS 0.01124
Exploits: 0, References: 1, Affected Software: 1