‼ CVE-2021-46820 ‼
📖 Read
via "National Vulnerability Database".
Arbitrary File Deletion vulnerability in XOS-Shop xos_shop_system 1.0.9 via current_manufacturer_image parameter to /shop/admin/categories.php📖 Read
via "National Vulnerability Database".
‼ CVE-2020-28865 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in PowerJob through 3.2.2, allows attackers to change arbitrary user passwords via the id parameter to /appinfo/save.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-25459 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in function sync_tree in hetero_decision_tree_guest.py in WeBank FATE (Federated AI Technology Enabler) 0.1 through 1.4.2 allows attackers to read sensitive information during the training process of machine learning joint modeling.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-31295 ‼
📖 Read
via "National Vulnerability Database".
An issue in the delete_post() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily delete posts.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36609 ‼
📖 Read
via "National Vulnerability Database".
Cross Site Scripting (XSS) vulnerability in webTareas 2.2p1 via the Name field to /linkedcontent/editfolder.php.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-31299 ‼
📖 Read
via "National Vulnerability Database".
Haraj v3.7 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the User Upgrade Form.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-33739 ‼
📖 Read
via "National Vulnerability Database".
CA Clarity 15.8 and below and 15.9.0 contain an insecure XML parsing vulnerability that could allow a remote attacker to potentially view the contents of any file on the system.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-30326 ‼
📖 Read
via "National Vulnerability Database".
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The network pre-shared key field on the web interface is vulnerable to XSS. An attacker can use a simple XSS payload to crash the basic.config page of the web interface.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-30329 ‼
📖 Read
via "National Vulnerability Database".
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. An OS injection vulnerability exists within the web interface, allowing an attacker with valid credentials to execute arbitrary shell commands.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-30325 ‼
📖 Read
via "National Vulnerability Database".
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The default pre-shared key for the Wi-Fi networks is the same for every router except for the last four digits. The device default pre-shared key for both 2.4 GHz and 5 GHz networks can be guessed or brute-forced by an attacker within range of the Wi-Fi network.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-26173 ‼
📖 Read
via "National Vulnerability Database".
JForum v2.8.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via http://target_host:port/jforum-2.8.0/jforum.page, which allows attackers to arbitrarily add admin accounts.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-30328 ‼
📖 Read
via "National Vulnerability Database".
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The username and password setup for the web interface does not require entering the existing password. A malicious user can change the username and password of the interface.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-33753 ‼
📖 Read
via "National Vulnerability Database".
CA Automic Automation 12.2 and 12.3 contain an insecure file creation and handling vulnerability in the Automic agent that could allow a user to potentially elevate privileges.📖 Read
via "National Vulnerability Database".
‼ CVE-2018-18907 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered on D-Link DIR-850L 1.21WW devices. A partially completed WPA handshake is sufficient for obtaining full access to the wireless network. A client can access the network by sending packets on Data Frames to the AP without encryption.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-33750 ‼
📖 Read
via "National Vulnerability Database".
CA Automic Automation 12.2 and 12.3 contain an authentication error vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary commands.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-30327 ‼
📖 Read
via "National Vulnerability Database".
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The web interface is vulnerable to CSRF. An attacker can change the pre-shared key of the Wi-Fi router if the interface's IP address is known.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-33754 ‼
📖 Read
via "National Vulnerability Database".
CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-33752 ‼
📖 Read
via "National Vulnerability Database".
CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-33755 ‼
📖 Read
via "National Vulnerability Database".
CA Automic Automation 12.2 and 12.3 contain an insecure input handling vulnerability in the Automic Agent that could allow a remote attacker to potentially enumerate users.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-33756 ‼
📖 Read
via "National Vulnerability Database".
CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic AutomationEngine that could allow a remote attacker to potentially access sensitive data.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-33751 ‼
📖 Read
via "National Vulnerability Database".
CA Automic Automation 12.2 and 12.3 contain an insecure memory handling vulnerability in the Automic agent that could allow a remote attacker to potentially access sensitive data.📖 Read
via "National Vulnerability Database".