167 matches found
Sql injection
Code-Projects Online Hospital Management System V1.0 is vulnerable to SQL Injection SQLI attacks, which allow an attacker to manipulate the SQL queries executed by the application. The application fails to properly validate user-supplied input in the login id and password fields during the login...
CVE-2023-37069
Code-Projects Online Hospital Management System V1.0 is vulnerable to SQL Injection SQLI attacks, which allow an attacker to manipulate the SQL queries executed by the application. The application fails to properly validate user-supplied input in the login id and password fields during the login...
SAP BusinessObjects Business Intelligence 信息泄露漏洞
SAP BusinessObjects Business IntelligenceSuite is a suite of business intelligence software and enterprise performance solutions from SAP, Germany. The product features report generation, analytics and data visualization. An information disclosure vulnerability exists in SAP BusinessObjects...
Cisco Nexus and Cisco Multilayer Director Switches MOTD Telnet Login Reset (CVE-2015-0775)
The banner aka MOTD implementation in Cisco NX-OS 4.12E11f on Nexus 4000 devices, 5.21SV32.1 on Nexus 1000V devices, 6.02N22 on Nexus 5000 devices, 6.211 on MDS 9000 devices, 6.212 on Nexus 7000 devices, 7.03 on Nexus 9000 devices, and 7.20ZN99.67 on Nexus 3000 devices allows remote attackers to...
Sql injection
Sourcecodester Enrollment System Project V1.0 is vulnerable to SQL Injection SQLI attacks, which allow an attacker to manipulate the SQL queries executed by the application. The application fails to properly validate user-supplied input in the username and password fields during the login process...
CVE-2023-33584
Sourcecodester Enrollment System Project V1.0 is vulnerable to SQL Injection SQLI attacks, which allow an attacker to manipulate the SQL queries executed by the application. The application fails to properly validate user-supplied input in the username and password fields during the login process...
CVE-2023-33584
Sourcecodester Enrollment System Project V1.0 is vulnerable to SQL Injection SQLI attacks, which allow an attacker to manipulate the SQL queries executed by the application. The application fails to properly validate user-supplied input in the username and password fields during the login process...
Reprise Software RLM v14.2BL4 - Cross-Site Scripting (XSS)
Exploit Title: Reprise Software RLM v14.2BL4 - Cross-Site Scripting XSS Exploit Author: Mohammed A.Siledar Author Company : reprisesoftware Version: rlm.v14.2BL4 Vendor home page : https://reprisesoftware.com Software Link:...
CVE-2022-45677
SQL Injection Vulnerability in tanujpatra228 Tution Management System TMS via the email parameter to processes/studentlogin.process.php...
Tution Management System SQL注入漏洞
Tution Management System is the tuition management system. A security vulnerability exists in tanujpatra228 Tution Management System TMS that stems from the discovery of an email parameter via processes/studentlogin.process.php that contains a SQL injection vulnerability...
PT-2023-35109 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.93 Description: The issue is related to a use-after-free UAF error during the login process when accessing the shost ip address in the iscsi tcp module. The actual impact and attack plausibility have not y...
UBUNTU-CVE-2022-24895
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. When authenticating users Symfony by default regenerates the session ID upon login, but preserves the rest of session attributes. Because this does not clear CSRF tokens upon login, this might enable...
Mozilla VPN 授权问题漏洞
Mozilla VPN is an open source virtual private network web browser extension, desktop application and mobile application from the US-based Mozilla Foundation. A security vulnerability in Mozilla VPN iOS before 1.0.7929, Mozilla VPN Windows before 1.2.2, and Mozilla VPN Android before 1.1.01360 ste...
CVE-2022-2752 Potential vulnerabilities in GM login process
A vulnerability in the web server of Secomea GateManager allows a local user to impersonate as the previous user under some failed login conditions. This issue affects: Secomea GateManager versions from 9.4 through 9.7...
CVE-2021-45925
Observable discrepancies in the login process allow an attacker to guess legitimate user names registered in the BMC. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
CVE-2021-45925
Observable discrepancies in the login process allow an attacker to guess legitimate user names registered in the BMC. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
Buffer overflow
Observable discrepancies in the login process allow an attacker to guess legitimate user names registered in the BMC. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
CVE-2021-45925 Username Enumeration
Observable discrepancies in the login process allow an attacker to guess legitimate user names registered in the BMC. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
CVE-2021-45925
CVE-2021-45925 affects Lanner Inc IAC-AST2500A standard firmware v1.10.0. Multiple connected sources confirm a vulnerability in the login process that allows observable discrepancies enabling an attacker to enumerate/guess legitimate BMC usernames. The root cause is described as a login process d...
CVE-2021-36369
An issue was discovered in Dropbear through 2020.81. Due to a non-RFC-compliant check of the available authentication methods in the client-side SSH code, it is possible for an SSH server to change the login process in its favor. This attack can bypass additional security measures such as FIDO2...