Tag
critical
advisory
Directus Aggregate Query Vulnerability Allows Disclosure of Concealed Data
2 rules 1 TTPA vulnerability in Directus versions prior to 11.17.0 allows authenticated users to extract concealed field values, including static API tokens and two-factor authentication secrets from directus_users, via aggregate queries.
directus
vulnerability
credential-access
api-token
2fa-bypass
2r
1t
critical
advisory
Critical Vulnerabilities in Quest KACE SMA Allow System Takeover
2 rules 4 TTPsMultiple critical vulnerabilities in Quest KACE Systems Management Appliance (SMA), including authentication bypass and 2FA bypass, allow unauthenticated attackers to achieve system takeover and cause denial of service; active exploitation is reported.
quest-kace
vulnerability
authentication-bypass
2fa-bypass
denial-of-service
sma
2r
4t
critical
advisory
phpMyFAQ Unauthenticated 2FA Brute-Force Vulnerability
2 rules 1 TTP 1 IOCphpMyFAQ is vulnerable to an unauthenticated 2FA brute-force attack via the `/admin/check` endpoint, allowing attackers to bypass two-factor authentication and gain administrative access.
phpMyFAQ
2FA Bypass
Brute-Force
Authentication
2r
1t
1i