142 matches found
CVE-2025-11190 CVE-2025-11190
The Kiwire Captive Portal contains an open redirection issue via the login-url parameter, allowing an attacker to redirect users to an attacker controlled website...
CVE-2025-11190
CVE-2025-11190 affects the Kiwire Captive Portal (SynchroWeb). The issue is an open redirection in the login-url parameter that can redirect users to an attacker‑controlled website. Public details consistently describe this as a login flow redirection vulnerability without additional exploit info...
CVE-2025-11189 CVE-2025-11189
The Kiwire Captive Portal contains a reflected cross-site scripting XSS vulnerability within the login-url parameter, allowing for Javascript execution...
CVE-2025-11189 CVE-2025-11189
The Kiwire Captive Portal contains a reflected cross-site scripting XSS vulnerability within the login-url parameter, allowing for Javascript execution...
Kiwire Captive Portal 安全漏洞
Kiwire Captive Portal is a login authentication page from Kiwire Malaysia. A security vulnerability exists in Kiwire Captive Portal that stems from an open redirection issue with the login-url parameter, which could result in users being redirected to an attacker-controlled website...
Kiwire Captive Portal 安全漏洞
Kiwire Captive Portal is a login authentication page from Kiwire Malaysia. A security vulnerability exists in Kiwire Captive Portal, which stems from the presence of reflective cross-site scripting in the login-url parameter, which could lead to the execution of Javascript code...
PT-2025-41542
Name of the Vulnerable Software and Affected Versions Kiwire Captive Portal affected versions not specified Description The software contains a reflected cross-site scripting XSS issue within the login-url parameter. This allows for Javascript execution. The issue is present in the login...
PT-2025-41543
Name of the Vulnerable Software and Affected Versions Kiwire Captive Portal affected versions not specified Description The software contains an open redirection issue. An attacker can redirect users to a website controlled by the attacker through manipulation of the login-url parameter. The...
EUVD-2020-10585
Malware in sbrugna...
EUVD-2025-30502
Malicious code in bioql PyPI...
EUVD-2025-28001
Malicious code in bioql PyPI...
EUVD-2022-24883
Malicious code in bioql PyPI...
CVE-2025-59770
Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...
CVE-2025-59755
Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...
CVE-2025-59769 Multiple vulnerabilities in AndSoft's e-TMS
Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...
CVE-2025-59759 Multiple vulnerabilities in AndSoft's e-TMS
Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...
CVE-2025-59757 Multiple vulnerabilities in AndSoft's e-TMS
Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...
CVE-2025-59755 Multiple vulnerabilities in AndSoft's e-TMS
Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...
Rancher CLI SAML authentication is vulnerable to phishing attacks
Impact A vulnerability has been identified within Rancher Manager whereby the SAML authentication from the Rancher CLI tool is vulnerable to phishing attacks. The custom authentication protocol for SAML-based providers can be abused to steal Rancher’s authentication tokens. Rancher Manager...
PT-2025-39664
Name of the Vulnerable Software and Affected Versions Rancher Manager versions prior to 2.9.12 Rancher Manager versions prior to 2.10.10 Rancher Manager versions prior to 2.11.6 Rancher Manager versions prior to 2.12.2 Description Rancher Manager is susceptible to phishing attacks targeting SAML...