Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2016-15023PUBLISHED: 2023-01-31
A vulnerability, which was classified as problematic, was found in SiteFusion Application Server up to 6.6.6. This affects an unknown part of the file getextension.php of the component Extension Handler. The manipulation leads to path traversal. Upgrading to version 6.6.7 is able to address this iss...
CVE-2022-45172PUBLISHED: 2023-01-31
An issue was discovered in LIVEBOX Collaboration vDesk before v018. Broken Access Control can occur under the /api/v1/registration/validateEmail endpoint, the /api/v1/vdeskintegration/user/adduser endpoint, and the /api/v1/registration/changePasswordUser endpoint. The web application is affected by ...
CVE-2022-47697PUBLISHED: 2023-01-31COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1 and before is vulnerable to Account takeover. Anyone can reset the password of the admin accounts.
CVE-2022-47698PUBLISHED: 2023-01-31COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1 is vulnerable to Cross Site Scripting (XSS) via the URL filtering feature in the router.
CVE-2022-47699PUBLISHED: 2023-01-31COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1 is vulnerable to Incorrect Access Control.
User Rank: Strategist
3/13/2015 | 9:36:34 AM