Kategori: NIST-Təhlükəsizlik Zəiflikləri

CVE-2022-24629

An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. Remote code execution can be achieved via directory traversal in the dir parameter of…

Devamını oku

CVE-2022-24630

An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. BrowseFiles.php allows a ?cmd=ssh POST request with an ssh_command field that is executed. Zafiyet…

Devamını oku

CVE-2022-24631

An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is stored XSS via the ajaxTenants.php desc parameter. Zafiyet ile ilgili Genel Bilgi,…

Devamını oku

CVE-2022-24632

An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is directory traversal during file download via the BrowseFiles.php view parameter. Zafiyet ile…

Devamını oku

CVE-2019-19791

In LemonLDAP::NG (aka lemonldap-ng) before 2.0.7, the default Apache HTTP Server configuration does not properly restrict access to SOAP/REST endpoints (when some LemonLDAP::NG setup options…

Devamını oku

CVE-2020-29547

An issue was discovered in Citadel through webcit-926. Meddler-in-the-middle attackers can pipeline commands after POP3 STLS, IMAP STARTTLS, or SMTP STARTTLS commands, injecting cleartext commands…

Devamını oku

CVE-2021-27825

A directory traversal vulnerability on Mercury MAC1200R devices allows attackers to read arbitrary files via a web-static/ URL. Zafiyet ile ilgili Genel Bilgi, Etki ve…

Devamını oku

CVE-2021-37845

An issue was discovered in Citadel through webcit-932. A meddler-in-the-middle attacker can fixate their own session during the cleartext phase before a STARTTLS command (a…

Devamını oku