CVE-2025-13986

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Disable Login Page allows Functionality Bypass.This issue affects Disable Login Page: from 0.0.0 before 1.1.3...

CVE-2025-13986

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Disable Login Page allows Functionality Bypass.This issue affects Disable Login Page: from 0.0.0 before 1.1.3...

EUVD-2025-206435

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Disable Login Page allows Functionality Bypass.This issue affects Disable Login Page: from 0.0.0 before 1.1.3...

CVE-2025-13986

CVE-2025-13986 concerns the Drupal Disable Login Page module (versions prior to 1.1.3), where an authentication bypass occurs via an alternate path or channel, enabling a user to bypass the UI login requirement. Public disclosures across multiple sources (NVD, CVE lists, and OSV) confirm the core...

CVE-2025-13986 Disable Login Page - Critical - Access bypass - SA-CONTRIB-2025-124

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Disable Login Page allows Functionality Bypass.This issue affects Disable Login Page: from 0.0.0 before 1.1.3...

CVE-2025-13986 Disable Login Page - Critical - Access bypass - SA-CONTRIB-2025-124

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Disable Login Page allows Functionality Bypass.This issue affects Disable Login Page: from 0.0.0 before 1.1.3...

PT-2026-5205

Name of the Vulnerable Software and Affected Versions Drupal Disable Login Page versions prior to 1.1.3 Description An authentication bypass issue exists in Drupal Disable Login Page, allowing functionality bypass through an alternate path or channel. This allows attackers to circumvent login...

Drupal: Vulnerability in the Disabled Login Page

Drupal Disable Login Page is a content blocking plugin for the Drupal community. Versions of Drupal Disable Login Page prior to 1.1.3 contained a security vulnerability. This vulnerability stemmed from an authentication bypass mechanism, which could lead to unauthorized functionality...

Disable Login Page - Critical - Access bypass - SA-CONTRIB-2025-124

This module enables you to disable the standard Drupal login form /user/login so site owners can prevent interactive logins via the UI. The module does not sufficiently block authentication when the REST/HTTP login route is used. An attacker or legitimate user with valid credentials can...

PT-2025-6107 · Pix · Pix Software Vivaz

Name of the Vulnerable Software and Affected Versions: Pix Software Vivaz version 6.0.10 Description: A critical issue has been found in the code related to the /servlet?act=login file, where manipulation of the usuario argument can lead to SQL injection. This issue can be exploited remotely. The...

PT-2025-1189

Name of the Vulnerable Software and Affected Versions MGate 5121/5122/5123 Series firmware version v1.0 Description A stored Cross-site Scripting XSS vulnerability exists due to insufficient sanitization and encoding of user input in the Login Message functionality. An authenticated attacker with...

PT-2024-6459 · D Link · D-Link Dcs-960L

Name of the Vulnerable Software and Affected Versions: D-Link DCS-960L version 1.09 Description: The issue is related to a stack overflow vulnerability in the HNAP service of the D-Link DCS-960L IP camera, specifically in the Login function. This vulnerability can be exploited by a remote attacke...

PT-2024-30018 · Unknown · Hotel Management System

Name of the Vulnerable Software and Affected Versions: Hotel Management System version 79d688 Description: An issue in the login component, specifically in the process login.php file, allows attackers to authenticate without providing a valid password. This enables unauthorized access to the...

PT-2024-38354 · Unknown · Itsourcecode Ticket Reservation System

Name of the Vulnerable Software and Affected Versions: itsourcecode Ticket Reservation System version 1.0 Description: A critical issue was found in the itsourcecode Ticket Reservation System, affecting an unknown functionality of the file login.php of the component Login Page. The manipulation o...

PT-2024-38297 · Sourcecodester · Sourcecodester Tracking Monitoring Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Tracking Monitoring Management System version 1.0 Description: A critical issue has been found in the Login component, specifically affecting the /ajax.php?action=login file. The manipulation of the username argument leads to S...

PT-2024-38228 · Sourcecodester · Sourcecodester Lot Reservation Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Lot Reservation Management System version 1.0 Description: A critical issue was found in the system, affecting the file /admin/ajax.php?action=login. The manipulation of the username argument leads to sql injection. This issue...

PT-2024-37390 · Unknown · Monbela Tourist Inn Online Reservation System

Name of the Vulnerable Software and Affected Versions: Monbela Tourist Inn Online Reservation System version 1.0 Description: A critical issue affects the processing of the file login.php, where the manipulation of the email argument leads to sql injection. The attack can be initiated remotely...

PT-2024-37140 · Unknown · Sourcecodester Stock Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Stock Management System version 1.0 Description: A critical vulnerability has been found in the SourceCodester Stock Management System, affecting an unknown functionality of the file index.php of the component Login. The...

PT-2024-23618 · Unknown · Cloud Based Customer Service Management Platform

Name of the Vulnerable Software and Affected Versions: Cloud based customer service management platform version 1.0.0 Description: The issue allows a local attacker to execute arbitrary code via a crafted payload to the "Login.asp" component. This is related to a SQL Injection vulnerability...

PT-2024-23177 · Unknown · Code-Projects Online Book System

Name of the Vulnerable Software and Affected Versions: code-projects Online Book System version 1.0 Description: A critical vulnerability was found in the code-projects Online Book System. This issue affects the file /index.php and is related to the manipulation of the username, password, login...