Filtered by CWE-425
Filtered by vendor Subscriptions
Total 177 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-11326 1 Topcon 2 Net-g5, Net-g5 Firmware 2024-11-21 8.8 High
An issue was discovered on Topcon Positioning Net-G5 GNSS Receiver devices with firmware 5.2.2. The web interface of the product is protected by a login. A guest is allowed to login. Once logged in as a guest, an attacker can browse a URL to read the password of the administrative user. The same procedure allows a regular user to gain administrative privileges. The guest login is possible in the default configuration.
CVE-2018-7526 1 Beaconmedaes 2 Scroll Medical Air Systems, Scroll Medical Air Systems Firmware 2024-11-21 N/A
In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23, by accessing a specific uniform resource locator (URL) on the webserver, a malicious user may be able to access information in the application without authenticating.
CVE-2018-6669 1 Mcafee 1 Application Change Control 2024-11-21 N/A
A whitelist bypass vulnerability in McAfee Application Control / Change Control 7.0.1 and before allows a remote or local user to execute blacklisted files through an ASP.NET form.
CVE-2018-6624 1 Omron 7 Ns10, Ns12, Ns15 and 4 more 2024-11-21 N/A
OMRON NS devices 1.1 through 1.3 allow remote attackers to bypass authentication via a direct request to the .html file for a specific screen, as demonstrated by monitor.html.
CVE-2018-3774 2 Redhat, Url-parse Project 2 Quay, Url-parse 2024-11-21 9.8 Critical
Incorrect parsing in url-parse <1.4.3 returns wrong hostname which leads to multiple vulnerabilities such as SSRF, Open Redirect, Bypass Authentication Protocol.
CVE-2018-19620 1 Showdoc 1 Showdoc 2024-11-21 N/A
ShowDoc 2.4.1 allows remote attackers to edit other users' notes by navigating with a modified page_id.
CVE-2018-19207 1 Van-ons 1 Wp-gdpr-compliance 2024-11-21 N/A
The Van Ons WP GDPR Compliance (aka wp-gdpr-compliance) plugin before 1.4.3 for WordPress allows remote attackers to execute arbitrary code because $wpdb->prepare() input is mishandled, as exploited in the wild in November 2018.
CVE-2018-19143 2 Debian, Otrs 2 Debian Linux, Open Ticket Request System 2024-11-21 N/A
Open Ticket Request System (OTRS) 4.0.x before 4.0.33, 5.0.x before 5.0.31, and 6.0.x before 6.0.13 allows an authenticated user to delete files via a modified submission form because upload caching is mishandled.
CVE-2018-19109 1 Tianti Project 1 Tianti 2024-11-21 N/A
tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/cms/column/list directly to read the column list page or edit a column.
CVE-2018-18922 1 Abisoftgt 1 Ticketly 2024-11-21 N/A
add_user in AbiSoft Ticketly 1.0 allows remote attackers to create administrator accounts via an action/add_user.php POST request.
CVE-2018-18862 1 Bmc 2 Remedy Action Request System, Remedy Mid-tier 2024-11-21 N/A
BMC Remedy Mid-Tier 7.1.00 and 9.1.02.003 for BMC Remedy AR System has Incorrect Access Control in ITAM forms, as demonstrated by TLS%3APLR-Configuration+Details/Default+Admin+View/, AST%3AARServerConnection/Default+Admin+View/, and AR+System+Administration%3A+Server+Information/Default+Admin+View/.
CVE-2018-16706 1 Lg 1 Supersign Cms 2024-11-21 N/A
LG SuperSign CMS allows TVs to be rebooted remotely without authentication via a direct HTTP request to /qsr_server/device/reboot on port 9080.
CVE-2018-16060 1 Mitsubishielectric 2 Smartrtu, Smartrtu Firmware 2024-11-21 7.5 High
Mitsubishi Electric Europe B.V. SmartRTU devices allow remote attackers to obtain sensitive information (directory listing and source code) via a direct request to the /web URI.
CVE-2018-11346 1 Asustor 2 As6202t, As6202t Firmware 2024-11-21 N/A
An insecure direct object reference vulnerability in download.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows the ability to reference the "download_sys_settings" action and then specify files arbitrarily throughout the system via the act parameter.
CVE-2017-2486 1 Apple 2 Iphone Os, Safari 2024-11-21 N/A
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to spoof the address bar via a crafted web site.
CVE-2017-2161 1 Toshiba 1 Flashair 2024-11-21 N/A
FlashAirTM SDHC Memory Card (SD-WE Series <W-03>) V3.00.02 and earlier and FlashAirTM SDHC Memory Card (SD-WD/WC Series <W-02>) V2.00.04 and earlier allows authenticated attackers to bypass access restrictions to obtain unauthorized image data via unspecified vectors.
CVE-2017-2143 1 Frogman Office Inc 2 Cs-cart Japanese Edition, Cs-cart Multivendor Japanese Edition 2024-11-21 N/A
CS-Cart Japanese Edition v4.3.10-jp-1 and earlier, CS-Cart Multivendor Japanese Edition v4.3.10-jp-1 and earlier allows remote attackers to bypass access restriction to create a request to return a customer purchased item via rma.post.php.
CVE-2017-2139 1 Frogman Office Inc 1 Cs-cart 2024-11-21 N/A
CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), CS-Cart Multivendor Japanese Edition v4.3.10 and earlier (excluding v2 and v3) allows remote attackers to bypass access restriction to obtain customer information via orders.pre.php.
CVE-2017-17736 1 Kentico 1 Kentico Cms 2024-11-21 N/A
Kentico 9.0 before 9.0.51 and 10.0 before 10.0.48 allows remote attackers to obtain Global Administrator access by visiting CMSInstall/install.aspx and then navigating to the CMS Administration Dashboard.
CVE-2017-15235 1 Horde 1 Groupware 2024-11-21 N/A
The File Manager (gollem) module 3.0.11 in Horde Groupware 5.2.21 allows remote attackers to bypass Horde authentication for file downloads via a crafted fn parameter that corresponds to the exact filename.