23 matches found
CVE-2026-47325 Weak password policy in ProjectsAndPrograms school-management-system
ProjectsAndPrograms school-management-system uses predictable credentials by generating student's and teacher's passwords solely from the user’s date of birth e.g., 12072000 for 12 July 2000. The application does not require or prompt users to change the password upon first login. This behavior...
EUVD-2018-9158
Malware in sbrugna...
CVE-2024-7635
A vulnerability was found in code-projects Simple Ticket Booking 1.0. It has been classified as critical. Affected is an unknown function of the file registerinsert.php of the component Registration Handler. The manipulation of the argument name/email/dob/password/Gender/phone leads to sql...
PT-2024-38507 · Sourcecodester · Sourcecodester Kortex Lite Advocate Office Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Kortex Lite Advocate Office Management System version 1.0 Description: A problematic issue has been found in the file adds.php, where the manipulation of the argument name, dob, email, mobile, or address leads to cross-site...
College Management System SQL注入漏洞
College Management System is a simple project organized by Code Projects. It is used to keep track of students, teachers, subjects, schedules and all things related to the university. College Management System version 1.0 has a SQL injection vulnerability that originates from a SQL injection...
PT-2024-16026 · Sourcecodester · Sourcecodester Employee Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Employee Management System version 1.0 Description: A problematic vulnerability has been found in the system, affecting the edit-profile.php file. The issue arises from the manipulation of the fullname, phone, date of birth,...
CVE-2022-37152
An issue was discovered in Online Diagnostic Lab Management System 1.0, There is a SQL injection vulnerability via "dob" parameter in "/classes/Users.php?f=saveclient"...
CVE-2022-37152
An issue was discovered in Online Diagnostic Lab Management System 1.0, There is a SQL injection vulnerability via "dob" parameter in "/classes/Users.php?f=saveclient"...
OSIF - Open Source Information Facebook
OSIF is an accurate facebook account information gathering, all sensitive information can be easily gathered even though the target converts all of its privacy to only me, Sensitive information about residence, date of birth, occupation, phone number and email address. Installation $ pkg update...
CVE-2018-17404
The SBIbuddy aka com.sbi.erupee application 1.41 and 1.42 for Android might allow an attacker to sniff private information such as mobile number, PAN number from a government-issued ID, and date of birth...
CVE-2018-17404
The SBIbuddy aka com.sbi.erupee application 1.41 and 1.42 for Android might allow an attacker to sniff private information such as mobile number, PAN number from a government-issued ID, and date of birth...
Information disclosure
The SBIbuddy aka com.sbi.erupee application 1.41 and 1.42 for Android might allow an attacker to sniff private information such as mobile number, PAN number from a government-issued ID, and date of birth...
Air Canada Suffers Data Breach — 20,000 Mobile App Users Affected
Air Canada has confirmed a data breach that may have affected about 20,000 customers of its 1.7 million mobile app users. The company said it had "detected unusual log-in behavior" on its mobile app between August 22 and 24, during which the personal information for some of its customers "may...
ussr-star.com XSS vulnerability
Open Bug Bounty ID: OBB-655588 Description| Value ---|--- Affected Website:| ussr-star.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
CVE-2018-14608
Thomson Reuters UltraTax CS 2017 on Windows has a password protection option; however, the level of protection might be inconsistent with some customers' expectations because the data is directly accessible in cleartext. Specifically, it stores customer data in unique directories...
PT-2018-12614 · Thomson Reuters · Thomson Reuters Ultratax Cs
Name of the Vulnerable Software and Affected Versions: Thomson Reuters UltraTax CS version 2017 Description: The software has a password protection option, but the level of protection may not meet some customers' expectations because the data is stored in cleartext. Customer data is stored in...
Vehicle Sales Management System - Multiple Vulnerabilities
Vehicle Sales Management System - Multiple Vulnerabilities Exploit Title: VSMS Multiple Vulnerabilities Google Dork: N/A Date: 16-3-2018 Exploit Author: Sing Vendor Homepage: https://sourceforge.net/projects/vsms-php/?source=typredirect Software Link:...
Rimet Wifi Smart Temperature Control Android APP has an override access vulnerability
Rimet Wifi Smart Temperature Control Android APP is a management platform for smart hardware devices. Rimet Wifi Intelligent Temperature Control Android APP has an override access vulnerability. After logging into the client, the attacker can obtain sensitive information such as patient's name,...
openSUSE Security Update : GNU Health and it's dependencies (openSUSE-2017-6)
This update provides version 3.0.5 of GNU Health including several fixes and improvements. - Update to ICD10 version 2016. - Fix error when printing prescription using review dates. - Fix error on summary report when no date of birth is assigned to the person. Additionally the following...
apple ID can bypass the security question directly modify the password vulnerability-vulnerability warning-the black bar safety net
Use of premise: know the victim's apple id and the registered date of birth Using the steps of: The first step: 登录https://iforgot.apple.com/iForgot/iForgot.html fill in the specified apple id, click Next Second step: select the authentication method-the answer to the security question, click Next...