CWE:
 

| Risk | Topic | Date | Author |
| --- | --- | --- | --- |
| Med. | Ember Enterprises E2in Improper Authentication | 13.12.2020 | KingSkrupellos |
| Med. | Sanishsoft Authentication Bypass | 13.12.2020 | KingSkrupellos |
| Med. | Sharptech Digital Marketing Agency Authentication Bypass | 13.12.2020 | KingSkrupellos |
| High | WebDehasi Hosting File Insert Authentication Bypass | 09.11.2020 | KingSkrupellos |
| Med. | HindSoft Technology Pvt Ltd India Insert File Authentication Bypass | 08.11.2020 | KingSkrupellos |
| Med. | HigsonMedia Improper Authentication | 29.05.2020 | KingSkrupellos |
| Med. | UinfoTechnology Pvt Ltd Gentelella Alela Colorlib Improper Authentication | 29.05.2020 | KingSkrupellos |
| Med. | Mildtrix Business Solutions Pvt Ltd 2.3.12 Improper Authentication | 29.05.2020 | KingSkrupellos |
| Med. | Solidale InfoTech Authentication Bypass | 28.05.2020 | KingSkrupellos |
| Med. | Bagwar Softwares Pvt Ltd Authentication Bypass | 28.05.2020 | KingSkrupellos |
| Med. | Saloni Info Tech Accocca Constructions Pvt Ltd Authentication Bypass | 28.05.2020 | KingSkrupellos |
| Med. | Ayan Advisory Private Limited Authentication Bypass | 28.05.2020 | KingSkrupellos |
| Med. | Teak Squash Design and Solutions Authentication Bypass | 28.05.2020 | KingSkrupellos |
| Med. | Gharuda Infotech Pvt Ltd Authentication Bypass | 28.05.2020 | KingSkrupellos |
| Med. | NextgenUSCorp Authentication Bypass | 27.05.2020 | KingSkrupellos |
| Med. | Upturn Smart Online Exam System Mayuri Authentication Bypass | 27.05.2020 | KingSkrupellos |
| High | WebIndiaServices Team Authentication Bypass | 27.05.2020 | KingSkrupellos |
| Med. | School Sports Promotion Foundation Sspf India Authentication Bypass | 27.05.2020 | KingSkrupellos |
| Med. | Gangotri Group Shubham Srivastava Authentication Bypass | 27.05.2020 | KingSkrupellos |
| Med. | 3NetWorks Authentication Bypass | 27.05.2020 | KingSkrupellos |
| Med. | Chamilo © 2020 Campus v1 ElFinder Backdoor Access Shell Upload Vulnerability | 27.05.2020 | KingSkrupellos |
| Med. | ABCMedya Bilişim Software 2.0 Authentication Bypass | 20.05.2020 | KingSkrupellos |
| Med. | Sync Bilişim Software Arbitrary File Upload Authentication Bypass | 20.05.2020 | KingSkrupellos |
| Med. | Ja IT Solution JaisBD Bangladesh Software Authentication Bypass | 18.05.2020 | KingSkrupellos |
| Med. | Saudi Indian Football Forum Siffjeddah Authentication Bypass Shell Upload | 11.05.2020 | KingSkrupellos |
| Med. | Great Web Solutions Pvt Ltd Improper Authentication | 09.05.2020 | KingSkrupellos |
| Med. | LBMInfoTech Improper Authentication | 09.05.2020 | KingSkrupellos |
| Med. | Tiol Group WebSites Taxindiainternational Pvt Ltd Improper Authentication | 09.05.2020 | KingSkrupellos |
| Med. | Great Web Solutions Pvt Ltd Improper Authentication | 09.05.2020 | KingSkrupellos |
| Med. | Tiol Group WebSites Taxindiainternational Pvt Ltd Improper Authentication | 09.05.2020 | KingSkrupellos |
| Med. | LBMInfoTech Improper Authentication | 09.05.2020 | KingSkrupellos |
| High | ThietkeWebX Quatangtraitim VietNext Unauthorized File Upload Improper Authentication | 06.05.2020 | KingSkrupellos |
| Med. | Suvega Digital Media Pvt Ltd Improper Authentication | 06.05.2020 | KingSkrupellos |
| Med. | Du Hoc Ioc Vietnamese System Improper Authentication | 06.05.2020 | KingSkrupellos |
| Med. | Niladri Marketing Pvt. Ltd. Triimax_Ind Siimax Infotimes Improper Authentication | 04.05.2020 | KingSkrupellos |
| Med. | WebTechnologic SQL Injection Improper Authentication | 04.05.2020 | KingSkrupellos |
| Med. | ComangSoft Improper Authentication | 03.05.2020 | KingSkrupellos |
| Med. | Skynyx Technologies Private Limited Improper Authentication | 03.05.2020 | KingSkrupellos |
| Med. | GloriousWebTech Improper Authentication | 03.05.2020 | KingSkrupellos |
| Med. | Mystic Media Webinitiate Improper Authentication Backdoor Access | 03.05.2020 | KingSkrupellos |
| Med. | SkyWayInfoMedia Improper Authentication | 03.05.2020 | KingSkrupellos |
| Med. | TechDomain BD Improper Authentication | 03.05.2020 | KingSkrupellos |
| Med. | Pinnacle India Solution Admin Authentication Bypass | 15.04.2020 | KingSkrupellos |
| Med. | SSInfoTech Rohini WebDesign Company Authentication Bypass | 18.09.2019 | KingSkrupellos |
| Med. | Cisco UCS / IMC Supervisor Authentication Bypass / Command Injection | 29.08.2019 | Pedro Ribeiro |
| Med. | RecargatonerAntequera Improper Authentication Vulnerability | 20.08.2019 | KingSkrupellos |
| Med. | Sistema Mobiliario en Movimiento ComponentsMx Authentication Bypass Insert File Vulnerability | 19.08.2019 | KingSkrupellos |
| Med. | Sistema Suanca Industrias Authentication Bypass Insert File Vulnerability | 19.08.2019 | KingSkrupellos |
| Med. | Sistema CodiFarma San Jose de los Cedros Authentication Bypass Insert File Vulnerability | 19.08.2019 | KingSkrupellos |
| Med. | Bgrecuperacion Chihuahua Authentication Bypass Insert File Vulnerability | 19.08.2019 | KingSkrupellos |
| Med. | UfaCup88 Authentication Bypass Insert File Vulnerability | 19.08.2019 | KingSkrupellos |
| Med. | Keros ClaudioGarau Improper Authentication Insert File Vulnerability | 19.08.2019 | KingSkrupellos |
| Med. | AlemReklam Ajans Improper Authentication File Upload Vulnerability | 17.08.2019 | KingSkrupellos |
| Med. | Sistema Vitapromin Nuticion Inteligente Improper Authentication File Upload Vulnerability | 11.08.2019 | KingSkrupellos |
| Med. | Powered By Vlaevski Site Administration 1.0 Improper Authentication File Upload Vulnerability | 11.08.2019 | KingSkrupellos |
| Med. | Ellucian Banner Web Tailor / Banner Enterprise Identity Services Improper Authentication | 14.05.2019 | Joshua Mulliken |
| Med. | Desenvolvido por Agencia CDG Design Brasil Improper Authentication | 09.04.2019 | KingSkrupellos |
| Med. | Webmaster Atom Computer Software Counselling Improper Access Control Vulnerability | 16.10.2018 | KingSkrupellos |
| Low | WordPress Developed by Netsoft Limited Software Development Bangladesh Improper Authentication Vulnerability | 05.09.2018 | KingSkrupellos |
| Med. | Designed & Developed by Sacit.Lk SriLanka Improper Authentication Vulnerability | 05.07.2018 | KingSkrupellos |
| Med. | Powered by Yii Framework RBAC Manager for Yii 2 Improper Authentication Vulnerability | 01.07.2018 | KingSkrupellos |
| Med. | JanTek JTC-200 RS232-NET Connector CSRF / Missing Authentication | 01.11.2017 | Karn Ganeshen |
| Med. | Samsung Smart TV Wi-Fi Direction Improper Authentication | 27.04.2017 | Neseso Research Team |
| Med. | Aruba Networks AOS 6.3.1.19 Improper Authentication | 08.11.2016 | Klaus Tichman |
| High | DOKEOS ce30 Authentication Bypass | 19.02.2016 | High-Tech Bridge Secur... |
| Low | Pentaho 5.2.x BA Suite / PDI Information Disclosure | 20.09.2015 | Gregory DRAPERI |
| High | SAP HANA IU5 SDK Authentication Bypass | 30.07.2014 | Onapsis |
| High | Dahua DVR Authentication Bypass | 19.07.2014 | Zhejiang |
| High | ASUS RT Router Anonymous FTP Access | 14.02.2014 | Kyle Lovett |
| High | Router D-Link DIR-100 Multiple Vulnerabilities | 04.02.2014 | Felix Richter |
| High | Nisuta NS-WIR150NE, NS-WIR300N Authentication Bypass | 11.01.2014 | ampliasecurity |
| Med. | Burden 1.8 Privilege Escalation | 09.01.2014 | High-Tech Bridge Secur... |
| High | Vivotek IP Cameras RTSP Authentication Bypass | 06.11.2013 | CORE |
| High | Radio Thermostat Of America Inc Lack Of Authentication | 02.08.2013 | Daniel Crowley |
| High | D-Link IP Cameras Injection & Bypass | 30.04.2013 | CORE |
| Med. | Cisco Firewall Services Module Software Multiple Vulnerabilities | 10.04.2013 | Cisco |
| Med. | EMC Smarts Network Configuration Manager Improper Authentication Vulnerability | 27.03.2013 | EMC |
| Med. | Backupbuddy 2.2.4 Sensitive Data Exposure | 25.03.2013 | robarmstrong.te71 |
| High | PBBoard 2.1.4 SQL Injection and Improper Authentication | 09.08.2012 | High-Tech Bridge Secur... |
| Med. | LifeSize Room Vulnerabilities | 05.09.2011 | securestate net |
| High | RealVNC Authentication Bypass | 31.08.2011 | Juha-Matti |
| High | RSA Adaptive Authentication (On-Premise) Security Issue | 24.08.2011 | EMC |
| Med. | FreeRADIUS 2.1.11 Multiple Vulns | 06.08.2011 | DCERT |
| High | IBM Lotus Domino Server Controller Authentication Bypass Remote Code Execution Vulnerability | 30.03.2011 | ZDI |
| Med. | Arthur de Jong 'nss-pam-ldapd' Authentication Bypass Vulnerability | 17.03.2011 | Russell Sim |
| High | Pointter PHP Content Management System 1.0 Privilege Escalation | 16.12.2010 | Mark Stanislav |
| High | Pointter PHP Micro-Blogging Social Network 1.0 Privilege Escalation | 16.12.2010 | Mark Stanislav |
| High | OpenSSL J-PAKE Validation Error Lets Remote Users Validate Without Shared Secret Key | 08.12.2010 | Sebastian Martini |
| High | Pandora FMS <= 3.1 Authentication Bypass | 05.12.2010 | Juan Galiana Lara |
| High | Cisco Unified Videoconferencing multiple vulnerabilities | 24.11.2010 | Florent Daigniere |
| High | Camtron CMNC-200 IP Camera Authentication Bypass | 18.11.2010 | Trustwave's SpiderLabs |
| High | IBM OmniFind - several vulnerabilities | 15.11.2010 | Fatih Kilic |
| High | Likewise Open 5.4 & 6.0 Multiple Vulns | 29.07.2010 | Gerald Carter |
| Low | dootzky oblog Persistant XSS, CSRF, Admin Bruteforce | 29.06.2010 | null |
| Med. | SpringSource tc Server unauthenticated remote access to JMX interface | 25.05.2010 | s2-security |
| High | ToutVirtual VirtualIQ Multiple Vulnerabilities | 21.05.2010 | Claudio Criscione |
| High | CA XOsoft Multiple Vulns. | 10.04.2010 | Andrea Micalizzi aka r... |
| High | Varnish reverse proxy 2.0.6 Medium security hole | 07.04.2010 | Tim Brown |
| Med. | Sahana 0.6.2.2 authentication bypass | 19.03.2010 | nill |
| High | HP openview Performance Insight 5.4 Remote Execution of ArbitraryCommands | 15.03.2010 | HP |


CVEMAP Search Results

CVE
Description
2023-03-30
CVE-2023-28647

Nextcloud iOS is an iOS application used to interface with the Nextcloud home cloud ecosystem. In versions prior to 4.7.0, when an attacker has physical access to an unlocked device, they may enable the integration into the iOS Files app, bypass the Nextcloud PIN/password protection, and gain access to a user's files. It is recommended that the Nextcloud iOS app is upgraded to 4.7.0. There are no known workarounds for this vulnerability.

 
CVE-2023-28646

Nextcloud Android is an Android app for interfacing with the Nextcloud home server ecosystem. In versions from 3.7.0 and before 3.24.1, an attacker who has access to the unlocked physical device can bypass the Nextcloud Android PIN/passcode protection via a third-party app. This allows the attacker to see meta information such as sharer, sharees and activity of files. It is recommended that the Nextcloud Android app is upgraded to 3.24.1. There are no known workarounds for this vulnerability.

 
2023-03-29
CVE-2022-43620

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-1935 1.03 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue results from the lack of proper implementation of the authentication algorithm. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-16142.

 
2023-03-17
CVE-2023-1460

A vulnerability was found in SourceCodester Online Pizza Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file admin/ajax.php?action=save_user of the component Password Change Handler. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The identifier VDB-223305 was assigned to this vulnerability.

 
CVE-2023-1464

A vulnerability, which was classified as critical, was found in SourceCodester Medicine Tracker System 1.0. This affects an unknown part of the file Users.php?f=save_user. The manipulation of the argument firstname/middlename/lastname/username/password leads to improper authentication. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-223311.

 
2023-03-15
CVE-2022-46774

IBM Manage Application 8.8.0 and 8.9.0 in the IBM Maximo Application Suite is vulnerable to incorrect default permissions which could give access to a user to actions that they should not have access to. IBM X-Force ID: 242953.

 
CVE-2022-46773

IBM Robotic Process Automation 21.0.0 - 21.0.7 and 23.0.0 is vulnerable to client-side validation bypass for credential pools. Invalid credential pools may be created as a result. IBM X-Force ID: 242951.

 
2023-03-14
CVE-2023-23857

Due to a missing authentication check, SAP NetWeaver AS for Java, version 7.50, allows an unauthenticated attacker to attach to an open interface and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affecting users and services across systems. On successful exploitation, the attacker can read and modify some sensitive information, and the flaw can also be used to lock up any element or operation of the system, making it unresponsive or unavailable.

 
2023-03-13
CVE-2023-0346

Akuvox E11 cloud login is performed through an unencrypted HTTP connection. An attacker could gain access to the Akuvox cloud and device if the MAC address of a device is known.

 
CVE-2023-27582

maddy is a composable, all-in-one mail server. Starting with version 0.2.0 and prior to version 0.6.3, maddy allows a full authentication bypass if a SASL authorization username is specified when using the PLAIN authentication mechanisms. Instead of validating the specified username, it is accepted as is after checking the credentials for the authentication username. maddy 0.6.3 includes the fix for the bug. There are no known workarounds.

 

 


Copyright 2023, cxsecurity.com

 
