EUVD-2026-2381

Due to missing authorization check in the SAP ERP Central Component SAP ECC and SAP S/4HANA SAP EHS Management, an attacker could extract hardcoded clear-text credentials and bypass the password authentication check by manipulating user parameters. Upon successful exploitation, the attacker can...

CVE-2025-2381

creationtimestamp| type| source ---|---|--- 2025-03-17 14:51:40+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7781 2025-03-17 16:33:06+00:00| published-proof-of-concept| Telegram/k2hWLXjvKh8ojTF1EeSN0Mqc987DrfNzj7Aa-hbf1HoriQ 2025-03-17 17:27:58+00:00| seen|...

CVE-2025-2381 PHPGurukul Curfew e-Pass Management System search-pass.php sql injection

A vulnerability classified as critical has been found in PHPGurukul Curfew e-Pass Management System 1.0. Affected is an unknown function of the file /admin/search-pass.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploi...

CVE-2025-2381

CVE-2025-2381 affects PHPGurukul Curfew e-Pass Management System 1.0. The vulnerability is a SQL injection in the /admin/search-pass.php file caused by improper handling of the searchdata parameter. It is exploitable remotely and has been publicly disclosed. The available documents identify the v...

CVE-2025-2381 PHPGurukul Curfew e-Pass Management System search-pass.php sql injection

A vulnerability classified as critical has been found in PHPGurukul Curfew e-Pass Management System 1.0. Affected is an unknown function of the file /admin/search-pass.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploi...

Linux Distros Unpatched Vulnerability : CVE-2016-2381

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp...

K000149640: Multiple Perl vulnerabilities

Security Advisory Description CVE-2023-31486 HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. CVE-2020-12723 regcomp.c in Perl before 5.30.3 allows a buffer overflow...

CVE-2024-2381 AliExpress Dropshipping with AliNext Lite <= 3.3.5 - Authenticated (Subscriber+) Arbitrary File Upload

The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajaxsaveimage function in all versions up to, and including, 3.3.5. This makes it possible for authenticated attackers, with subscriber-level acces...

CVE-2024-2381

CVE-2024-2381 affects the AliExpress Dropshipping with AliNext Lite plugin for WordPress. The vulnerability is an arbitrary file upload due to missing file type validation in ajax_save_image in all versions up to 3.3.5. It requires authentication at subscriber level or higher, enabling an attacke...

WordPress Ali2Woo Lite Plugin <= 3.3.5 is vulnerable to Arbitrary File Upload

Software Ali2Woo Lite Type Plugin Vulnerable versions = 3.3.5 Fixed in 3.3.6 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-2381 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID d2eaecbf428e Credits Lucio Sá Required privilege Subscriber...

CVE-2023-2381

creationtimestamp| type| source ---|---|--- 2023-04-28 20:27:26+00:00| seen| https://t.me/cibsecurity/63078...

CVE-2023-2381

CVE-2023-2381 affects Netgear SRX5308 Web Management Interface up to firmware 4.3.5-3. The vulnerability is a cross-site scripting flaw in the BandWidthProfile.ProfileName parameter within scgi-bin/platform.cgi?page=bandwidth_profile.htm, exploitable remotely and reportedly disclosed. Public refe...

SUSE CVE-2016-2381

Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp...

CVE-2022-2381

The CVE covers the WordPress plugin E Unlocked - Student Result (

CVE-2019-2381

...

CVE-2019-2381

CVE-2019-2381 is rejected/not used and does not represent an active vulnerability entry.

CVE-2021-2381

Vulnerability in the Oracle Solaris product of Oracle Systems component: Kernel. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful...

CVE-2021-2381

Vulnerability in the Oracle Solaris product of Oracle Systems component: Kernel. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful...

Huawei EulerOS: Security Advisory for perl (EulerOS-SA-2021-2157)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization for ARM 64 3.0.2.0 : perl (EulerOS-SA-2021-2086)

According to the version of the perl packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate...