This vulnerability exists in the CAP back office application due to improper authorization checks on certain API endpoints. An authenticated remote attacker could exploit this vulnerability by manipul
This vulnerability exists in the CAP back office application due to an improper authentication check at the API endpoint. An unauthenticated remote attacker with a valid login ID could exploit this vulne
This vulnerability exists in the CAP back office application due to improper implementation of the OTP verification mechanism in its API-based login. A remote attacker with valid credentials could exploit
This vulnerability exists in the CAP back office application due to a weak password-reset mechanism implemented at API endpoints. An authenticated remote attacker with a valid login ID could exploit t
This vulnerability exists in the CAP back office application due to missing rate limiting on OTP requests in an API endpoint. An authenticated remote attacker could exploit this vulnerability by sendi
This vulnerability exists in TechExcel Back Office Software versions prior to 1.0.0 due to improper access controls on certain API endpoints. An authenticated remote attacker could exploit this vulner
This vulnerability exists in the Shilpi Net Back Office due to improper access controls on certain API endpoints. An authenticated remote attacker could exploit this vulnerability by manipulating a pa
This vulnerability exists in Meon KYC solutions due to improper handling of access and refresh tokens in certain API endpoints of the authentication process. A remote attacker could exploit this vulnerabi
This vulnerability exists in Meon Bidding Solutions due to improper authorization controls on certain API endpoints for the initiation, modification, or cancellation operations. An authenticated remot
Capgo before 12.128.2 contains an authentication bypass vulnerability in the /build/upload/:jobId/* endpoint that allows unauthenticated attackers to trigger consistent 500 errors. Remote attackers ca
A vulnerability in the API endpoints of Cisco Integrated Management Controller could allow an authenticated, remote attacker to bypass authorization and take actions on a vulnerable system withou
This vulnerability exists in e-Sushrut due to exposure of OTPs in plaintext within API responses. A remote attacker could exploit this vulnerability by intercepting API responses containing valid OTPs
Capgo before 12.128.2 contains a server-side request forgery vulnerability in webhook URL validation that allows loopback and internal addresses. Organization admins can configure webhooks pointing to
This vulnerability exists in Meon KYC solutions due to insufficient server-side validation of the Captcha in certain API endpoints. A remote attacker could exploit this vulnerability by intercepting t
A vulnerability in the RADIUS Policy API endpoints of Cisco ISE could allow an authenticated, remote attacker with read-only Administrator privileges to gain unauthorized access to sensitive info
A vulnerability, which was classified as problematic, has been found in 70mai M300 up to 20250611. This issue affects some unknown processing of the component HTTP Server. The manipulation leads to in
This vulnerability exists in RupeeWeb trading platform due to insufficient authorization controls on certain API endpoints handling addition and deletion operations. Successful exploitation of this vu
A vulnerability in the API subsystem of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to obtain sensitive information from an affected system.
This vulnerability i
An authentication bypass in the application API allows an unauthorized administrative account to be created. A remote attacker could exploit this vulnerability to create privileged user accounts. Succ
A broken access control (BAC) vulnerability in the web-based management interface could allow an authenticated remote attacker with low privileges to view sensitive information. Successful exploitatio