96 matches found
EUVD-2018-21622
Net-Billetterie 2.9 contains an SQL injection vulnerability in the login parameter of login.inc.php that allows unauthenticated attackers to execute arbitrary SQL queries. Attackers can submit malicious SQL code through the login POST parameter to extract database information including usernames,...
PT-2026-23679
Net-Billetterie 2.9 contains an SQL injection vulnerability in the login parameter of login.inc.php that allows unauthenticated attackers to execute arbitrary SQL queries. Attackers can submit malicious SQL code through the login POST parameter to extract database information including usernames,...
EUVD-2026-9111
wpForo 2.4.14 contains an unauthenticated SQL injection vulnerability in Topics::gettopics where the ORDER BY clause relies on ineffective escsql sanitization on unquoted identifiers. Attackers exploit the wpfob parameter with CASE WHEN payloads to perform blind boolean extraction of credentials...
PT-2026-22483
Name of the Vulnerable Software and Affected Versions wpForo version 2.4.14 Description The software contains an unauthenticated SQL injection issue in the Topics::get topics function. The problem stems from ineffective sanitization using esc sql on unquoted identifiers within the ORDER BY clause...
📄 FortiGate Advanced Symlink Bypass Exploit
This Python script is an advanced exploitation tool targeting vulnerable FortiGate devices manufactured by Fortinet. It attempts to exploit a symlink/path bypass vulnerability via the /lang//custom/ endpoint in order to access sensitive internal files that should not be publicly accessible...
CVE-2026-0503
This CVE affects SAP ERP Central Component (SAP ECC) and SAP S/4HANA (SAP EHS Management). The root cause is a missing authorization check that could let an attacker extract hardcoded clear-text credentials and bypass password authentication by tampering with user parameters. Successful exploitat...
CVE-2026-0503 Missing Authorization check in in SAP ERP Central Component and SAP S/4HANA (SAP EHS Management)
Due to missing authorization check in the SAP ERP Central Component SAP ECC and SAP S/4HANA SAP EHS Management, an attacker could extract hardcoded clear-text credentials and bypass the password authentication check by manipulating user parameters. Upon successful exploitation, the attacker can...
SAP ERP Central Component 安全漏洞
SAP ERP Central Component is a core enterprise resource planning software from SAP, Germany. A security vulnerability exists in SAP ERP Central Component that stems from a lack of authorization checks and could allow an attacker to extract hard-coded plaintext credentials and bypass password...
Exploit for Out-of-bounds Write in Mikrotik Routeros
Mikrotik Exploit Scan and Export RouterOS Password A security...
CVE-2019-18250
In all versions of ABB Power Generation Information Manager PGIM and Plant Connect, the affected product is vulnerable to authentication bypass, which may allow an attacker to remotely bypass authentication and extract credentials from the affected device...
EUVD-2025-203889
A vulnerability exists in multiple Radiometer products that allow an attacker with physical access to the analyzer possibility to extract credential information. The vulnerability is due to a weakness in the design and insufficient credential protection in operating system. Other related CVE's ar...
Radiometer Products 安全漏洞
Radiometer Products is a line of medical diagnostic instruments from the Danish company Radiometer. A security vulnerability exists in Radiometer Products that stems from inadequate operating system design and credential protection, which could allow a physical visitor to extract credential...
PT-2025-51827
Name of the Vulnerable Software and Affected Versions Radiometer products affected versions not specified Description A security issue exists in multiple Radiometer products that could allow an attacker with physical access to the analyzer to obtain credential information. The vulnerability is du...
PT-2025-44917
Name of the Vulnerable Software and Affected Versions CE21 Suite plugin for WordPress versions prior to 2.3.2 Description The CE21 Suite plugin for WordPress is susceptible to sensitive information exposure through the log file. This allows unauthenticated attackers to extract sensitive data,...
EUVD-2020-27322
Malware in sbrugna...
EUVD-2014-9806
Malware in sbrugna...
EUVD-2019-8048
Malware in sbrugna...
EUVD-2018-20466
Malware in sbrugna...
EUVD-2019-4693
Malware in sbrugna...
EUVD-2021-0970
Malware in sbrugna...