FatPipe Networks WARP version 10.2.2 suffers from an authorization bypass vulnerability.
>> ARCHIVE: 2021-09
FatPipe Networks WARP/IPVPN/MPVPN version 10.2.2 is vulnerable to an unauthenticated configuration disclosure when a direct object reference is made to the backup archive file using an HTTP GET request.
FatPipe Networks WARP/IPVPN/MPVPN version 10.2.2 has the hidden administrative account cmuser that has no password and has write access permissions to the device. The user cmuser is not visible in…
FatPipe Networks WARP/IPVPN/MPVPN version 10.2.2 suffers from a remote privilege escalation vulnerability.
Pet Shop Management System 1.0 – Remote Code Execution (RCE) (Unauthenticated)
Mitrastar GPT-2541GNAC-N1 – Privilege escalation
WordPress Plugin Redirect 404 to Parent 1.3.0 – Reflected Cross-Site Scripting (XSS)
WordPress Plugin Select All Categories and Taxonomies 1.3.1 – Reflected Cross-Site Scripting (XSS)
OpenSIS 8.0 – ‘cp_id_miss_attn’ Reflected Cross-Site Scripting (XSS)
Storage Unit Rental Management System 1.0 – Remote Code Execution (RCE) (Unauthenticated)