58 matches found
Follet School Solutions Destiny 安全漏洞
Follet School Solutions Destiny is a school solution provided by Follet Corporation. Versions of Follet School Solutions Destiny prior to 22.0.1 AU1 contained security vulnerabilities. These vulnerabilities stemmed from a cross-site scripting vulnerability in the showSupportExpiredMessage paramet...
CVE-2022-23961
In Thruk Monitoring through 2.46.3, the login field of the login form is vulnerable to reflected XSS. This vulnerability can be exploited by unauthenticated remote attackers to target users of the monitoring interface...
CVE-2022-23961
In Thruk Monitoring through 2.46.3, the login field of the login form is vulnerable to reflected XSS. This vulnerability can be exploited by unauthenticated remote attackers to target users of the monitoring interface...
CVE-2018-25209 OpenBiz Cubi Lite 3.0.8 SQL Injection via username Parameter
OpenBiz Cubi Lite 3.0.8 contains a SQL injection vulnerability in the login form that allows unauthenticated attackers to manipulate database queries through the username parameter. Attackers can submit POST requests to /bin/controller.php with malicious SQL code in the username field to extract...
CVE-2026-3613
A vulnerability was identified in Wavlink WL-NU516U1 V240425. This vulnerability affects the function sub401A0C of the file /cgi-bin/login.cgi. Such manipulation of the argument ipaddr leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is publicly...
Pro3W CMS SQL注入漏洞
Pro3W CMS is a content management system developed by the Polish company Pro3W. Version 1.2.0 of Pro3W CMS contains an SQL injection vulnerability. This vulnerability stems from improper handling of inputs in the login form, which could allow unauthenticated attackers to bypass authentication and...
PrestaShop affected by time based enumeration in FO login form
Impact A time-based user enumeration vulnerability in the user authentication functionality of PrestaShop. This vulnerability allows an attacker to determine whether a customer account exists in the system by measuring response times. Patches 8.2.4 and 9.0.3 Workarounds none References Found by L...
CVE-2026-1689 Tenda HG10 Login formLogin checkUserFromLanOrWan command injection
A vulnerability was detected in Tenda HG10 USHG7HG9HG10re300001138enxpon. The impacted element is the function checkUserFromLanOrWan of the file /boaform/admin/formLogin of the component Login Interface. The manipulation of the argument Host results in command injection. The attack can be launche...
CVE-2018-12689
phpLDAPadmin 1.2.2 allows LDAP injection via a crafted serverid parameter in a cmd.php?cmd=loginform request, or a crafted username and password in the login panel...
Opensolution Quick.Cms SQL注入漏洞
Opensolution Quick.Cms is a website builder for building text management platforms from Opensolution Poland. An SQL injection vulnerability exists in Opensolution Quick.Cms version 6.7, which stems from an SQL injection in the login form that could lead to unauthorized administrator access...
AndSoft e-TMS Cross-Site Scripting Vulnerability (CNVD-2025-23555)
AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn in the file...
EUVD-2020-0310
Malware in sbrugna...
EUVD-2018-0116
Malware in sbrugna...
EUVD-2015-5332
Malware in sbrugna...
EUVD-2021-11318
Malware in sbrugna...
EUVD-2014-8371
Malware in sbrugna...
EUVD-2020-23368
Malware in sbrugna...
EUVD-2002-2014
Malware in sbrugna...
EUVD-2022-43603
Malicious code in bioql PyPI...
EUVD-2025-24837
Malicious code in bioql PyPI...