11 matches found

EUVD
added 2025/11/10 4:40 a.m., 0 views

EUVD-2025-38890

Malicious code in mahesa-tahu39-sukiwir npm...

6.6 AI score
Exploits: 0

OSV
added 2025/08/14 6:52 p.m., 2 views

MAL-2025-38890 Malicious code in wati-botok93-sukiwir (npm)

The package wati-botok93-sukiwir was found to contain malicious code...

7.2 AI score
Exploits: 0

RedhatCVE
added 2025/05/23 7:53 a.m., 21 views

CVE-2024-38890

An issue in Horizon Business Services Inc. Caterease Software 16.0.1.1663 through 24.0.1.2405 and possibly later versions allows a local attacker to perform an Authentication Bypass by Capture-replay attack due to insufficient protection against capture-replay attacks...

8.4 CVSS, 6.8 AI score, 0.0002 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2025/05/23 2:22 a.m., 8 views

CVE-2023-38890

Online Shopping Portal Project 3.1 allows remote attackers to execute arbitrary SQL commands/queries via the login form, leading to unauthorized access and potential data manipulation. This vulnerability arises due to insufficient validation of user-supplied input in the username field, enabling...

8.8 CVSS, 8.7 AI score, 0.05589 EPSS
Exploits: 2, References: 1

Circl
added 2023/08/18 10:38 p.m., 2 views

CVE-2023-38890

creationtimestamp | type | source
---|---|---
2023-08-18 22:38:27+00:00 | seen | https://t.me/cibsecurity/68844...

8.8 CVSS, 8.1 AI score, 0.05589 EPSS
Exploits: 2, References: 1

Cvelist
added 2023/08/18 12:0 a.m., 12 views

CVE-2023-38890

Online Shopping Portal Project 3.1 allows remote attackers to execute arbitrary SQL commands/queries via the login form, leading to unauthorized access and potential data manipulation. This vulnerability arises due to insufficient validation of user-supplied input in the username field, enabling...

9.4 AI score, 0.05589 EPSS
Exploits: 2, References: 3

CVE
added 2023/08/18 12:0 a.m., 60 views

CVE-2023-38890

CVE-2023-38890 affects Online Shopping Portal Project 3.1, where the login form’s username input allows SQL Injection due to insufficient input validation. This is a remote code execution/unauthorized-access risk via crafted queries, with public references to exploits (e.g., ExploitDB 50029) and ...

8.8 CVSS, 9.1 AI score, 0.05589 EPSS
Exploits: 2, References: 3, Affected Software: 1

CVE
added 2022/09/15 3:28 p.m., 64 views

CVE-2022-38890

CVE-2022-38890 affects Nginx NJS 0.7.7. A segmentation violation is triggered by the njs_utf8_next function in src/njs_utf8.h. Public sources consistently describe the vulnerability as a segmentation fault in NJS, with NVD citing a CVSS v3.1 base score of 5.5 (Medium) and local attack vector, req...

5.5 CVSS, 5.5 AI score, 0.00042 EPSS
Exploits: 1, References: 1, Affected Software: 1

OSV
added 2021/11/23 8:15 p.m., 2 views

CVE-2021-38890

IBM Sterling Connect:Direct Web Services 1.0 and 6.0 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 209507...

7.5 CVSS, 5.8 AI score
Exploits: 0, References: 2

CVE
added 2021/11/23 7:15 p.m., 34 views

CVE-2021-38890

CVE-2021-38890 affects IBM Sterling Connect:Direct Web Services (Products/Versions: 1.0 and 6.0). The root cause is an inadequate account lockout setting that could allow a remote attacker to brute-force credentials. Impact per sources includes potential credential disclosure with no explicit rem...

7.5 CVSS, 7.3 AI score, 0.00186 EPSS
Exploits: 0, References: 2, Affected Software: 1

IBM Security Bulletins
added 2021/11/23 4:16 a.m., 15 views

Security Bulletin: Account Lockout Vulnerability Affects IBM Sterling Connect:Direct Web Services (CVE-2021-38890)

Summary An account lockout vulnerability has been addressed by IBM Connect:Direct Web Service. Vulnerability Details CVEID: CVE-2021-38890 DESCRIPTION: IBM Sterling Connect:Direct Web Services uses an inadequate account lockout setting that could allow a remote attacker to brute force account...

7.5 CVSS, 7.1 AI score, 0.00186 EPSS
Exploits: 0, Affected Software: 1