Lucene search
K

58 matches found

CNNVD
CNNVD
added 2026/05/28 12:0 a.m.12 views

Follet School Solutions Destiny 安全漏洞

Follet School Solutions Destiny is a school solution provided by Follet Corporation. Versions of Follet School Solutions Destiny prior to 22.0.1 AU1 contained security vulnerabilities. These vulnerabilities stemmed from a cross-site scripting vulnerability in the showSupportExpiredMessage paramet...

5.1CVSS5.9AI score0.00319EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/08 12:0 a.m.7 views

CVE-2022-23961

In Thruk Monitoring through 2.46.3, the login field of the login form is vulnerable to reflected XSS. This vulnerability can be exploited by unauthenticated remote attackers to target users of the monitoring interface...

5.8AI score0.00201EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/08 12:0 a.m.29 views

CVE-2022-23961

In Thruk Monitoring through 2.46.3, the login field of the login form is vulnerable to reflected XSS. This vulnerability can be exploited by unauthenticated remote attackers to target users of the monitoring interface...

0.00201EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/26 11:39 a.m.23 views

CVE-2018-25209 OpenBiz Cubi Lite 3.0.8 SQL Injection via username Parameter

OpenBiz Cubi Lite 3.0.8 contains a SQL injection vulnerability in the login form that allows unauthenticated attackers to manipulate database queries through the username parameter. Attackers can submit POST requests to /bin/controller.php with malicious SQL code in the username field to extract...

8.8CVSS0.00327EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/07 1:44 a.m.6 views

CVE-2026-3613

A vulnerability was identified in Wavlink WL-NU516U1 V240425. This vulnerability affects the function sub401A0C of the file /cgi-bin/login.cgi. Such manipulation of the argument ipaddr leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is publicly...

8.6CVSS7.5AI score0.00709EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/02/27 12:0 a.m.8 views

Pro3W CMS SQL注入漏洞

Pro3W CMS is a content management system developed by the Polish company Pro3W. Version 1.2.0 of Pro3W CMS contains an SQL injection vulnerability. This vulnerability stems from improper handling of inputs in the login form, which could allow unauthenticated attackers to bypass authentication and...

9.3CVSS5.9AI score0.0047EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/02/03 9:13 p.m.12 views

PrestaShop affected by time based enumeration in FO login form

Impact A time-based user enumeration vulnerability in the user authentication functionality of PrestaShop. This vulnerability allows an attacker to determine whether a customer account exists in the system by measuring response times. Patches 8.2.4 and 9.0.3 Workarounds none References Found by L...

5.3CVSS5.5AI score0.00269EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/30 4:32 p.m.6 views

CVE-2026-1689 Tenda HG10 Login formLogin checkUserFromLanOrWan command injection

A vulnerability was detected in Tenda HG10 USHG7HG9HG10re300001138enxpon. The impacted element is the function checkUserFromLanOrWan of the file /boaform/admin/formLogin of the component Login Interface. The manipulation of the argument Host results in command injection. The attack can be launche...

7.5CVSS7AI score0.02537EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/01/09 12:27 p.m.6 views

CVE-2018-12689

phpLDAPadmin 1.2.2 allows LDAP injection via a crafted serverid parameter in a cmd.php?cmd=loginform request, or a crafted username and password in the login panel...

9.8CVSS7.2AI score0.01784EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.4 views

Opensolution Quick.Cms SQL注入漏洞

Opensolution Quick.Cms is a website builder for building text management platforms from Opensolution Poland. An SQL injection vulnerability exists in Opensolution Quick.Cms version 6.7, which stems from an SQL injection in the login form that could lead to unauthorized administrator access...

9.8CVSS7.7AI score0.00612EPSS
Exploits1References5
CNVD
CNVD
added 2025/10/13 12:0 a.m.3 views

AndSoft e-TMS Cross-Site Scripting Vulnerability (CNVD-2025-23555)

AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn in the file...

6.1CVSS6.5AI score0.00181EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-0310

Malware in sbrugna...

6.1CVSS6.1AI score0.00685EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-0116

Malware in sbrugna...

6.1CVSS6.1AI score0.00739EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-5332

Malware in sbrugna...

9.8CVSS9.5AI score0.01234EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-11318

Malware in sbrugna...

6.1CVSS6.2AI score0.03379EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2014-8371

Malware in sbrugna...

2.1CVSS6.4AI score0.00293EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-23368

Malware in sbrugna...

5.3CVSS5.6AI score0.01661EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2002-2014

Malware in sbrugna...

7.5CVSS6.4AI score0.0121EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-43603

Malicious code in bioql PyPI...

5.9CVSS6.1AI score0.01011EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-24837

Malicious code in bioql PyPI...

7.8CVSS5.6AI score0.0025EPSS
Exploits1References6
Rows per page
Query Builder