CVE-2022-23961

In Thruk Monitoring through 2.46.3, the login field of the login form is vulnerable to reflected XSS. This vulnerability can be exploited by unauthenticated remote attackers to target users of the monitoring interface...

CVE-2022-23961

In Thruk Monitoring through 2.46.3, the login field of the login form is vulnerable to reflected XSS. This vulnerability can be exploited by unauthenticated remote attackers to target users of the monitoring interface...

CVE-2022-23961

Thruk Monitoring (up to 2.46.3) is affected by a reflected XSS in the login field of the login form. The vulnerability can be exploited by unauthenticated remote attackers to target users of the monitoring interface. The CVSS-3.1 base score is 6.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). No exploit...

CVE-2022-23961

In Thruk Monitoring through 2.46.3, the login field of the login form is vulnerable to reflected XSS. This vulnerability can be exploited by unauthenticated remote attackers to target users of the monitoring interface...

PT-2026-38658

Name of the Vulnerable Software and Affected Versions Thruk Monitoring versions prior to 2.46.4 Description The login field of the login form is susceptible to reflected Cross-Site Scripting XSS, a flaw where an application includes untrusted data in a web page without proper validation, allowing...

CVE-2018-25296

P10 Central Management Software 1.4.13 contains a buffer overflow vulnerability in the login password field that allows local attackers to crash the application by submitting an oversized input string. Attackers can paste a 2000-byte payload into the password field and click login to trigger an...

Ambient P10 Central Management Software 安全漏洞

Ambient P10 Central Management Software is a management software developed by the American company Ambient, designed for centralized management and monitoring of the operating status of devices and systems. Version 1.4.13 of Ambient P10 Central Management Software contains a security vulnerabilit...

CVE-2026-23610

GFI MailEssentials AI (versions prior to 22.4) contains a stored XSS in the POP2Exchange config endpoint. An authenticated user can inject HTML/JavaScript into the POP3 login field within the JSON "popServers" payload to /MailEssentials/pages/MailSecurity/POP2Exchange.aspx/Save; the input is stor...

PT-2026-20890

Name of the Vulnerable Software and Affected Versions GFI MailEssentials AI versions prior to 22.4 Description GFI MailEssentials AI versions before 22.4 have a stored cross-site scripting issue in the POP2Exchange configuration. A logged-in user can inject HTML or JavaScript into the POP3 server...

CVE-2022-37059

Cross Site Scripting XSS in Admin Panel of Subrion CMS 4.2.1 allows attacker to inject arbitrary code via Login Field...

EUVD-2008-6244

Malware in sbrugna...

EUVD-2010-1724

Malware in sbrugna...

EUVD-2005-2880

Malware in sbrugna...

EUVD-2005-3014

Malware in sbrugna...

EUVD-2022-33865

Malicious code in bioql PyPI...

CVE-2025-61582 Ts3 Manager: Unauthenticated Denial of Service possible through specially crafted Unicode input

TS3 Manager is modern web interface for maintaining Teamspeak3 servers. A Denial of Dervice vulnerability has been identified in versions 2.2.1 and earlier. The vulnerability permits an unauthenticated actor to crash the application through the submission of specially crafted Unicode input,...

CVE-2025-61582

TS3 Manager (Teamspeak3 server UI) is affected by CVE-2025-61582: an unauthenticated denial-of-service via specially crafted Unicode input submitted to the Server field on the login page. The root cause is improper handling of Unicode tag characters during ASCII conversion, causing an unhandled e...

CVE-2025-61582 Ts3 Manager: Unauthenticated Denial of Service possible through specially crafted Unicode input

TS3 Manager is modern web interface for maintaining Teamspeak3 servers. A Denial of Dervice vulnerability has been identified in versions 2.2.1 and earlier. The vulnerability permits an unauthenticated actor to crash the application through the submission of specially crafted Unicode input,...

Linux Distros Unpatched Vulnerability : CVE-2020-1769

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the login screens in agent and customer interface, Username and Password fields use autocomplete, which might be considered as security issue. This issue...

CVE-2021-45435

An SQL Injection vulnerability exists in Sourcecodester Simple Cold Storage Management System using PHP/OOP 1.0 via the username field in login.php...