FusionAuth fusionauth-samlv2 0.2.3 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack".
Published at: October 02, 2020 at 04:15PM
View on website
REDDOXX MailDepot 2032 SP2 2.2.1242 has Insufficient Session Expiration because tokens are not invalidated upon a logout.
Published at: October 02, 2020 at 05:15AM
View on website
CSRF vulnerabilities in the /cgi-bin/ directory of the WAVLINK WN530H4 M30H4.V5030.190403 allow an attacker to remotely access router endpoints, because these endpoints do not contain CSRF tokens. If a user is authenticated in the router portal, then this attack will work.
Published at: October 02, 2020 at 05:15AM
View on website
A remote command-line injection vulnerability in the /cgi-bin/live_api.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary Linux commands as root without authentication.
Published at: October 02, 2020 at 05:15AM
View on website
A remote buffer overflow vulnerability in the /cgi-bin/makeRequest.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary machine instructions as root without authentication.
Published at: October 02, 2020 at 05:15AM
View on website
Educ Arte Económico 