484 matches found
EUVD-2025-35180
Log2Space Subscriber Management Software 1.1 is vulnerable to unauthenticated SQL injection via the leadid parameter in the /l2s/api/selfcareLeadHistory endpoint. A remote attacker can exploit this by sending a specially crafted POST request, resulting in the execution of arbitrary SQL queries. T...
CVE-2025-56450
Log2Space Subscriber Management Software 1.1 is vulnerable to unauthenticated SQL injection via the leadid parameter in the /l2s/api/selfcareLeadHistory endpoint. A remote attacker can exploit this by sending a specially crafted POST request, resulting in the execution of arbitrary SQL queries. T...
CVE-2025-56450
Log2Space Subscriber Management Software 1.1 is vulnerable to unauthenticated SQL injection via the leadid parameter in the /l2s/api/selfcareLeadHistory endpoint. A remote attacker can exploit this by sending a specially crafted POST request, resulting in the execution of arbitrary SQL queries. T...
CVE-2025-56450
CVE-2025-56450 affects Log2Space Subscriber Management Software 1.1. The vulnerability is an unauthenticated SQL injection in the /l2s/api/selfcareLeadHistory endpoint, exploitable via the lead_id parameter in a crafted POST request. The backend fails to sanitize input, enabling enumeration of da...
CVE-2025-11188
The Kiwire Captive Portal contains a blind SQL injection in the nas-id parameter, allowing for SQL commands to be issued and to compromise the corresponding database...
EUVD-2025-33715
The Kiwire Captive Portal contains a blind SQL injection in the nas-id parameter, allowing for SQL commands to be issued and to compromise the corresponding database...
CVE-2025-11188
The Kiwire Captive Portal contains a blind SQL injection in the nas-id parameter, allowing for SQL commands to be issued and to compromise the corresponding database...
CVE-2025-11188 CVE-2025-11188
The Kiwire Captive Portal contains a blind SQL injection in the nas-id parameter, allowing for SQL commands to be issued and to compromise the corresponding database...
CVE-2025-11188 CVE-2025-11188
The Kiwire Captive Portal contains a blind SQL injection in the nas-id parameter, allowing for SQL commands to be issued and to compromise the corresponding database...
CVE-2025-11188
The CVE-2025-11188 vulnerability affects the Kiwire Captive Portal (SynchroWeb). It is a blind SQL injection in the nas-id parameter that can be used to issue SQL commands and compromise the associated database. The issue is documented across multiple sources (NVD/Red Hat RH, EUVD ENISA, CVE list...
PT-2025-41541
Name of the Vulnerable Software and Affected Versions Kiwire Captive Portal affected versions not specified Description The software contains a blind SQL injection in the nas-id parameter. This allows for the execution of SQL commands and potential compromise of the database. Recommendations At t...
EUVD-2002-0531
Malware in sbrugna...
EUVD-2020-19250
Malware in sbrugna...
EUVD-2017-14264
Malware in sbrugna...
EUVD-2020-4741
Malware in sbrugna...
EUVD-2023-46282
Malicious code in bioql PyPI...
EUVD-2025-13906
Malicious code in bioql PyPI...
EUVD-2025-21717
Malicious code in bioql PyPI...
EUVD-2024-2279
Malicious code in bioql PyPI...
EUVD-2021-30955
Malicious code in bioql PyPI...