
improper

  1. 1

    Exploits ClonOs WEB UI 19.09 Improper Access Control

    ClonOs WEB UI version 19.09 suffers from an improper access control vulnerability. View the full article
  2. 1

    Exploits Fortinet FortiSIEM 5.0 / 5.2.1 Improper Certification Validation

    A FortiSIEM collector connects to a Supervisor/Worker over HTTPS TLS (443/TCP) to register itself as well as relaying event data such as syslog, netflow, SNMP, etc. When the Collector (the client) connects to the Supervisor/Worker (the server), the client does not validate the server-provided...
  3. 1

    Exploits Inteno IOPSYS Gateway 3DES Key Extraction Improper Access

    Inteno EG200 routers with firmware versions EG200-WU7P1U_ADAMO3.16.4-190226_1650 and below have a JUCI ACL misconfiguration that allows the "user" account to extract the 3DES key via JSON commands to ubus. The 3DES key is used to decrypt the provisioning file provided by Adamo Telecom on a...
  4. 1

    Exploits Totaljs CMS 12.0 Improper Access Control

    Totaljs CMS version 12.0 suffers from a broken access control on an API call. View the full article
  5. 1

    Exploits Open-Xchange AppSuite 7.10.1 Information Disclosure / Improper Access Control

    Open-Xchange AppSuite versions 7.10.1 and below suffer from information exposure and improper access control vulnerabilities. View the full article
  6. 1

    Exploits Python GnuPG 0.4.3 Improper Input Validation

    Researchers discovered a way to inject data through the passphrase property of the gnupg.GPG.encrypt() and gnupg.GPG.decrypt() methods when symmetric encryption is used. The supplied passphrase is not validated for newlines, and the library passes --passphrase-fd=0 to the gpg executable, which...
  7. 1

    Exploits Ektron CMS 9.20 SP2 Improper Access Restrictions

    Ektron CMS version 9.20 SP2 suffers from an improper access restriction vulnerability. View the full article
  8. 1

    Exploits Android current-fs Improper Locking

    Android sdcardfs changes current->fs without proper locking. View the full article
  9. 1

    Exploits Collaboration Compliance And Quality Management Platform 9.1.1.5482 Improper Access Control

    Collaboration Compliance and Quality Management Platform versions 9.1.1.5482 and below suffer from an improper access control vulnerability. View the full article
  10. 1

    Exploits Citrix StorageZones Controller Improper Access Restrictions / Traversal

    Citrix StorageZones Controller versions prior to 5.4.2 suffer from padding oracle, improper access restriction, and path traversal vulnerabilities. View the full article
  11. 1

    Exploits Postman 6.3.0 Improper Certificate Validation

    Postman versions 6.3.0 and below suffer from a man-in-the-middle vulnerability due to improper certificate validation. View the full article