Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
CWE
:
Tytuł
Data
Autor
Med.
Barco wePresent Authentication Bypass
21.11.2020
Jim Becher
Med.
ABUS Secvest Hybrid Module FUMO50110 Authentication Bypass
01.08.2020
Matthias Deeg
High
Seagate GoFlex Satellite Remote Telnet Default Password
19.12.2015
Matt Bergin
High
Linksys EA6100 Wireless Router Authentication Bypass
05.12.2015
Matt Bergin
Med.
Password Safe And Repository Enterprise 7.4.4 Build 2247 SQL Injection
13.10.2015
Matthias Deeg
High
BullGuard Internet Security 15.0.297 Authentication Bypass
08.05.2015
Matthias Deeg
High
BullGuard Antivirus 15.0.297 Authentication Bypass
07.05.2015
Matthias Deeg
High
BullGuard Premium Protection 15.0.297 Authentication Bypass
07.05.2015
Matthias Deeg
High
InFocus IN3128HD Projector Missing Authentication
28.04.2015
CORE
High
Panda Internet Security 2015 15.0.1 Authentication Bypass
15.04.2015
Matthias Deeg
High
Panda Gold Protection 2015 15.1.0 Authentication Bypass
15.04.2015
Matthias Deeg
High
Panda Global Protection 2015 15.1.0 Authentication Bypass
15.04.2015
Matthias Deeg
High
Panda Antivirus Pro 2015 15.1.0 Authentication Bypass
15.04.2015
Matthias Deeg
Med.
Linksys Access Bypass
17.08.2013
K Lovett & M Claunch
Common Weakness Enumeration (CWE)
CVE
Szczegóły
Opis
2023-11-03
CVE-2023-3277
Updating...
The MStore API plugin for WordPress is vulnerable to Unauthorized Account Access and Privilege Escalation in versions up to, and including, 4.10.7 due to improper implementation of the Apple login feature. This allows unauthenticated attackers to log in as any user as long as they know the user's email address. We are disclosing this issue as the developer has not yet released a patch, but continues to release updates and we escalated this issue to the plugin's team 30 days ago.
2023-10-26
CVE-2023-46747
Updating...
Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
2023-10-11
CVE-2023-4957
Updating...
A vulnerability of authentication bypass has been found on a Zebra Technologies ZTC ZT410-203dpi ZPL printer. This vulnerability allows an attacker that is in the same network as the printer, to change the username and password for the Web Page by sending a specially crafted POST request to the setvarsResults.cgi file. For this vulnerability to be exploitable, the printers protected mode must be disabled.
2023-09-19
CVE-2023-42793
Updating...
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible
2023-09-14
CVE-2023-4702
Updating...
Authentication Bypass Using an Alternate Path or Channel vulnerability in Yepas Digital Yepas allows Authentication Bypass.This issue affects Digital Yepas: before 1.0.1.
2023-09-11
CVE-2023-41256
Updating...
Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 are vulnerable to authentication bypass that could allow an unauthorized attacker to obtain user access.
2023-08-31
CVE-2023-3162
Updating...
The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.7.7. This is due to insufficient verification on the user being supplied during a Stripe checkout through the plugin. This allows unauthenticated attackers to log in as users who have orders, who are typically customers.
2023-06-30
CVE-2023-3249
Updating...
The Web3 �?? Crypto wallet Login & NFT token gating plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.6.0. This is due to incorrect authentication checking in the 'hidden_form_data' function. This makes it possible for authenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the username.
CVE-2023-2834
Updating...
The BookIt plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.3.7. This is due to insufficient verification on the user being supplied during booking an appointment through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email.
2023-06-29
CVE-2023-2982
Updating...
The WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 7.6.4. This is due to insufficient encryption on the user being supplied during a login validated through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they know the email address associated with that user. This was partially patched in version 7.6.4 and fully patched in version 7.6.5.
Copyright
2024
, cxsecurity.com
Back to Top