Dell OpenManage Enterprise versions up to 3.6.1 suffer from multiple hard-coded credential issues, multiple privilege escalation, weak permissions, authentication bypass, and other vulnerabilities.
>> ARCHIVE: 2021-07
KevinLAB BEMS version 1.0 has an undocumented backdoor account and the sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the…
KevinLAB BEMS version 1.0 suffers from an unauthenticated SQL Injection vulnerability. Input passed through input_id POST parameter in /http/index.php is not properly sanitized before being returned to the user or…
KevinLAB BEMS version 1.0 suffers from an authenticated arbitrary file disclosure vulnerability. Input passed through the page GET parameter in index.php is not properly verified before being used to include…
CSZ CMS 1.2.9 – ‘Multiple’ Arbitrary File Deletion
KevinLAB BEMS 1.0 – File Path Traversal Information Disclosure (Authenticated)
KevinLAB BEMS 1.0 – Unauthenticated SQL Injection / Authentication Bypass
KevinLAB BEMS 1.0 – Undocumented Backdoor Account
http://www.takesa1.go.th notified by Salman Hacker