Umbraco Engage is a business intelligence platform. A vulnerability has been identified in Umbraco Engage prior to versions 16.2.1 and 17.1.1 where certain API endpoints are exposed without enforcing
Umbraco, a free and open source .NET content management system, has a vulnerability in versions 10.0.0 through 10.8.10 and 13.0.0 through 13.9.1. Via a request to an anonymously authenticated endpoint
An insecure direct object reference (IDOR) vulnerability in the Fullstep V5 registration process allows authenticated users to access data belonging to other registered users through various vulnerabl
Umbraco is a free and open source .NET content management system. An improper API access control issue has been identified Umbraco's API management package prior to versions 15.2.3 and 14.3.3, allowin
SAP BusinessObjects Business Intelligence Platform lets an unauthenticated remote attacker send crafted requests through the URL parameter that controls the login page error message. This can cause th
Umbraco, a free and open source .NET content management system, has an improper access control issue starting in version 14.0.0 and prior to version 14.3.0. The issue allows low-privilege users to acc
Dynamics 365 FastTrack Implementation Assets Information Disclosure Vulnerability
Umbraco is an ASP.NET CMS. Some endpoints in the Management API can return stack trace information, even when Umbraco is not in debug mode. This vulnerability is fixed in 14.1.2.
SAP BusinessObjects BI Platform allows an unauthenticated attacker to send specially crafted requests that could cause the Content Management Server (CMS) to crash and automatically restart. By repeat
A SQL Injection vulnerability on an endpoint in BEIMS Contractor Web, a legacy product that is no longer maintained or patched by the vendor, allows an unauthorised user to retrieve sensitive database
A critical information disclosure vulnerability exists in the web-based management interface of GatesAir Maxiva UAXT, VAXT transmitters due to Incorrect Access Control (CWE-284). Unauthenticated attac
A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2501.0001), Opcenter Intelligence (All versions < V2501.0001), Opcenter Quality (All versions < V2512), Opcenter R
Eidos is an extensible framework for Personal Data Management. Versions 0.21.0 and below contain a one-click remote code execution vulnerability. An attacker can exploit this vulnerability by embeddin
A vulnerability was determined in Sangfor Operation and Maintenance Security Management System 3.0. Impacted is an unknown function of the file /fort/portal_login of the component Frontend. This manip
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow an attacker to obtain sensitive user information using an expired access token
A security vulnerability has been detected in Intelbras ICIP 2.0.20. Affected is an unknown function of the file /xml/sistema/acessodeusuario.xml. Such manipulation of the argument NomeUsuario/SenhaAc
A vulnerability has been identified in Opcenter Quality (All versions < V2406), Opcenter RDnL (All versions < V2410), SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions < V4.1 Upd
An unauthenticated SQL injection vulnerability exists in the GetLyfsByParams endpoint of Bian Que Feijiu Intelligent Emergency and Quality Control System, accessible via the /AppService/BQMedical/WebS
An Insecure Direct Object Reference (IDOR) in Envasadora H2O Eireli - Soda Cristal v40.20.4 allows authenticated attackers to access sensitive data for other users via a crafted HTTP request.
Umbraco CMS is an ASP.NET CMS. An authenticated user can access a few unintended endpoints. This issue is fixed in 14.1.2.
Page 1+ Next →