CVE-2024-6078 IMPACT
An improper authentication vulnerability exists in the affected product, which could allow a malicious user to generate cookies for any user ID without the use of a username or p
CVE-2024-10386 IMPACT
An authentication
vulnerability exists in the affected product. The vulnerability could allow a
threat actor with network access to send crafted messages to the device, potent
CWE-287: Improper Authentication vulnerability exists that could cause an Authentication Bypass when an
unauthorized user without permission rights has physical access to the EPAS-UI computer and is a
An improper authentication vulnerability [CWE-287] in Fortinet FortiClientEMS version 7.4.0 and before 7.2.4 allows an unauthenticated attacker with the knowledge of the targeted user's FCTUID and VDO
A reflected cross-site scripting (XSS) vulnerability exists in the account registration flow of WSO2 Identity Server due to improper output encoding. A malicious actor can exploit this vulnerability b
A vulnerability was determined in Cudy WR1200EA 2.3.7-20250113-121810. Affected is an unknown function of the file /etc/shadow. Executing manipulation can lead to use of default password. The attack n
A vulnerability, which was classified as critical, was found in quequnlong shiyi-blog up to 1.2.1. Affected is an unknown function of the file /api/sys/user/verifyPassword/ of the component Administra
CVE-2024-10387 IMPACT
A Denial-of-Service
vulnerability exists in the affected product. The vulnerability could allow a
threat actor with network access to send crafted messages to the device,
pote
The login functionality of the web server in affected devices does not normalize the response times of login attempts. An unauthenticated remote attacker could exploit this side-channel information to
Improper Authentication vulnerability in Drupal Login Disable allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login Disable: from 2.0.0 before 2.1.1.
Successful exploitation of the vulnerability could allow an unauthenticated attacker to conduct brute force guessing and account takeover as the session cookies are predictable, potentially allowing t
A vulnerability was found in RashminDungrani online-banking up to 2337ad552ea9d385b4e07b90e6f32d011b7c68a2. This affects an unknown part of the file /site/dist/auth_login.php. Performing manipulation
CVE-2024-45823 IMPACT
An
authentication bypass vulnerability exists in the affected product. The
vulnerability exists due to shared secrets across accounts and could allow a threat
actor to imperso
A vulnerability was found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. It has been classified as critical. Affected is an unknown function of the file /user.php of the com
A vulnerability was found in jack0240 魏 bskms 蓝天幼儿园管理系统 up to dffe6640b5b54d8e29da6f060e0493fea74b3fad. It has been rated as critical. Affected by this issue is some unknown functionality of the file
CVE-2024-40620 IMPACT
A vulnerability exists in the affected product due to lack of encryption of sensitive information. The vulnerability results in data being sent between the Console and the Dashb
A vulnerability, which was classified as critical, has been found in Baiyi Cloud Asset Management System up to 20250204. This issue affects some unknown processing of the file /wuser/admin.house.colle
A vulnerability was determined in SourceCodester Client Database Management System 1.0. The impacted element is an unknown function of the file /superadmin_user_update.php. This manipulation causes im
The affected product is vulnerable to an attacker being able to use commands without providing a password which may allow an attacker to leak information.
Vulnerability of improper authentication in the ANS system service module
Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
Page 1+ Next →