Lucene search
K

133 matches found

CVE
CVE
added 5 days ago16 views

CVE-2026-51926

The vulnerability (CVE-2026-51926) affects docuForm FSM Client v11.11c. The login.php authentication mechanism enables user enumeration: an attacker can distinguish valid from invalid usernames by differences in server responses, enabling identification of existing accounts. This information coul...

7.5CVSS6AI score0.0036EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2026-51926

An issue in docuForm GmbH FSM Client v.11.11c allows a remote attacker to obtain sensitive information via the login.php component. A vulnerability was identified in the authentication mechanism that allows user enumeration through the login interface. An attacker can differentiate between valid...

7.5CVSS6AI score0.0036EPSS
Exploits0References3
Cvelist
Cvelist
added 5 days ago35 views

CVE-2026-51926

An issue in docuForm GmbH FSM Client v.11.11c allows a remote attacker to obtain sensitive information via the login.php component. A vulnerability was identified in the authentication mechanism that allows user enumeration through the login interface. An attacker can differentiate between valid...

0.0036EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.7 views

PT-2026-56023

Name of the Vulnerable Software and Affected Versions ajenti versions prior to 2.2.14 Description The browser-facing login and administrative UI contains a clickjacking weakness. This occurs because the core HTTP response path in ajenti-core/aj/http.py initializes an empty header list and finaliz...

5.4CVSS5.9AI score0.00159EPSS
Exploits0References7
CVE
CVE
added 2026/07/06 12:0 a.m.7 views

CVE-2026-38979

Ajenti prior to version 2.2.14 is affected by a clickjacking weakness in the browser-facing login and administrative UI due to anti-framing protections missing in the HTTP response path (ajenti-core/aj/http.py). The vulnerability arises from initializing an empty header list, forwarding handler-a...

5.4CVSS5.9AI score0.00159EPSS
Exploits0References2
OSV
OSV
added 2026/07/06 12:0 a.m.2 views

CVE-2026-38979

ajenti through v2.2.13 has a clickjacking weakness in the browser-facing login and administrative UI. In ajenti-core/aj/http.py, the core HTTP response path initializes an empty header list, forwards handler-added headers verbatim, and finalizes responses through WSGI startresponse without adding...

5.4CVSS5.9AI score0.00159EPSS
Exploits0References4
OSV
OSV
added 2026/06/25 10:34 p.m.6 views

GO-2026-5691 File Browser has a DoS Vulnerability via Public Login API in github.com/filebrowser/filebrowser

File Browser has a DoS Vulnerability via Public Login API in github.com/filebrowser/filebrowser...

6.5CVSS5.8AI score0.00484EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 7:16 p.m.8 views

CVE-2026-54092

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.6, unchecked passwords maximums allow for an arbitrarily large password to be passed into the login API. This spikes CPU and memory, and after...

6.5CVSS0.00484EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2026/06/08 12:0 a.m.63 views

📄 ProjeQtor 12.4.3 SQL Injection

This Python script automates exploitation of an SQL injection vulnerability in a ProjeQtor login interface. Version 12.4.3 is affected. ================================================================================================================================== | Title : ProjeQtor 12.4.3...

9.8CVSS5.6AI score0.00558EPSS
Exploits2
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.12 views

Arista Edge Threat Management - Arista Next Generation Firewall 安全漏洞

Arista Edge Threat Management – Arista Next Generation Firewall is a unified network security platform developed by the American company Arista. It integrates next-generation firewalls, intrusion prevention, web filtering, application control, and network threat protection capabilities. There are...

7CVSS5.9AI score0.0988EPSS
Exploits0References1
NVD
NVD
added 2026/06/01 9:16 a.m.19 views

CVE-2026-8474

A vulnerability was discovered on Stormshield Network Security 4.3.0 to 4.3.41, 4.8.0 to 4.8.15, 5.0.0 to 5.0.5 It is possible to execute a reflected XSS attack on the login API available on Stormshield SNS appliance by executing a script on the victim's machine. The risks include the theft of...

5.3CVSS0.00183EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/01 7:47 a.m.41 views

CVE-2026-8474 Possible to run a Cross Site Scripting request on the login API available on Stormshield SNS appliances.

A vulnerability was discovered on Stormshield Network Security 4.3.0 to 4.3.41, 4.8.0 to 4.8.15, 5.0.0 to 5.0.5 It is possible to execute a reflected XSS attack on the login API available on Stormshield SNS appliance by executing a script on the victim's machine. The risks include the theft of...

5.3CVSS0.00183EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/10 12:30 p.m.12 views

EUVD-2026-28993

A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This impacts an unknown function of the component Login RMI Interface. The manipulation of the argument clientVersion leads to improper authentication. It is possible to initiate the attack remotely. The exploi...

6.9CVSS5.5AI score0.00403EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/10 9:15 a.m.8 views

CVE-2026-8244 Industrial Application Software IAS Canias ERP Login RMI improper authentication

A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This impacts an unknown function of the component Login RMI Interface. The manipulation of the argument clientVersion leads to improper authentication. It is possible to initiate the attack remotely. The exploi...

6.9CVSS5.8AI score0.00403EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/10 8:15 a.m.7 views

CVE-2026-8242 Industrial Application Software IAS Canias ERP Login RMI doAction response discrepancy

A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. The impacted element is the function doAction of the component Login RMI Interface. Performing a manipulation results in observable response discrepancy. The attack is possible to be carried out remotely. A high...

6.3CVSS5.2AI score0.00289EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/10 8:15 a.m.42 views

CVE-2026-8242 Industrial Application Software IAS Canias ERP Login RMI doAction response discrepancy

A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. The impacted element is the function doAction of the component Login RMI Interface. Performing a manipulation results in observable response discrepancy. The attack is possible to be carried out remotely. A high...

6.3CVSS0.00289EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/10 8:15 a.m.9 views

CVE-2026-8242

A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. The impacted element is the function doAction of the component Login RMI Interface. Performing a manipulation results in observable response discrepancy. The attack is possible to be carried out remotely. A high...

6.3CVSS5.2AI score0.00289EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/05/10 12:0 a.m.12 views

Canias ERP 安全漏洞

Canias ERP is a comprehensive management system developed by the Swiss company Canias, covering enterprise resource planning and business process management. Version 8.03 of Canias ERP contains a security vulnerability. This vulnerability stems from observed differences in the response of the...

6.3CVSS5.8AI score0.00289EPSS
Exploits0References1
CVE
CVE
added 2026/04/19 5:15 a.m.17 views

CVE-2026-6559

The CVE affects Wavlink WL-WN579A3 (firmware 220323). The vulnerability resides in login.cgi, function sub_401F80, where manipulating the Hostname argument enables cross-site scripting. Remote exploitation is possible. A fix has been released by the vendor; upgrading to the affected component’s f...

5.3CVSS4.5AI score0.00265EPSS
Exploits0References5
GithubExploit
GithubExploit
added 2026/04/08 12:44 a.m.107 views

exploit-code-management

Viết code python deploy 1 web với các yêu cấu sau - Thực hiện co...

6AI score
Exploits0
Rows per page
Query Builder