Horde Groupware v5.2.22 has a user enumeration vulnerability that allows an unauthenticated attacker to determine the existence of valid accounts on the system. To exploit the vulnerability, an HTTP request must be sent to...

User Enumeration Vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an unauthenticated attacker to determine whether a user exists on the system. The vulnerability is exploitable through the ‘pda:username’ parameter with ‘soapaction GetUserQuestionAndAnswer’...

User Enumeration Vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an unauthenticated attacker to determine whether a user exists on the system. The vulnerability is exploitable through the ‘pda:username’ parameter with ‘soapaction GetLastDatePasswordChange’...

SQL injection vulnerability in TCMAN GIM v11 in version 20250304. This vulnerability allows an attacker to retrieve, create, update, and delete databases by sending a GET request using the ‘idmant’ parameter in ‘/PC/frmEPIS.aspx’. More...

The Nexter Extension – Site Enhancements Toolkit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘nxt-year’ shortcode in all versions up to, and including, 4.4.1 due to insufficient input sanitization...

Insertion of Sensitive Information Into Sent Data vulnerability in Argus Technology Inc. BILGER allows Choosing Message Identifier.This issue affects BILGER: before 2.4.9. More information : https://www.usom.gov.tr/bildirim/tr-25-0423

Unauthorized access vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an unauthenticated attacker to determine whether a user exists on the system by using the ‘pda:userId’ and ‘pda:newPassword’ parameters with ‘soapaction UnlockUser’...

Reflected Cross-Site Scripting (XSS) in IDI Eikon’s Governalia. The vulnerability allows an attacker to execute JavaScript code in the victim’s browser when a malicious URL with the ‘q’ parameter in ‘/search’ is sent to...

Directory traversal vulnerability in SOLIDserver IPAM v8.2.3. This vulnerability allows an authenticated user with administrator privileges to list directories other than those to which the have authorized access using the ‘directory’ parameter in ‘/mod/ajax.php?action=sections/list/list’.For...

A Blind SQL injection vulnerability has been identified in QuickCMS. Improper neutralization of input provided by a high-privileged user into aFilesDelete allows for Blind SQL Injection attacks. The vendor was notified early about this...

Out-of-bounds read vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The ‘DownloadFile’ function converts a parameter to an integer using ‘atoi()’ and then uses it as an index in the ‘FilesDownload’ array with ‘(&FilesDownload)[iVar2]’. If the parameter...

Heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the ‘ShowSupervisorParameters()’ function, there is an unlimited user input that is copied to a fixed-size buffer via ‘sprintf()’. The ‘GetParameter(meter)’ function retrieves the user input,...

Command injection vulnerability in the operating system in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2 through the ‘GetDNS()’, ‘CheckPing()’ and ‘TraceRoute()’ functions. More information : https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-circutor-products-0

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the ‘SetUserPassword()’ function, the ‘newPassword’ parameter is directly embedded in a shell command string using ‘sprintf()’ without any sanitisation or validation, and then executed using...