Lucene search
K

8 matches found

OSV
OSV
added 2024/07/15 6:15 a.m.6 views

CVE-2024-6289

The WPS Hide Login WordPress plugin before 1.9.16.4 does not prevent redirects to the login page via the authredirect WordPress function, allowing an unauthenticated visitor to access the hidden login page...

6.1CVSS5.8AI score0.00904EPSS
Exploits1References1
OSV
OSV
added 2024/04/15 11:15 a.m.5 views

CVE-2024-23486

Plaintext storage of a password issue exists in BUFFALO wireless LAN routers, which may allow a network-adjacent unauthenticated attacker with access to the product's login page may obtain configured credentials...

9.8CVSS5.8AI score0.00561EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/04/15 12:0 a.m.3 views

BUFFALO wireless LAN routers 安全漏洞

Buffalo BUFFALO wireless LAN routers are a series of routers from Buffalo, Japan. A security vulnerability exists in BUFFALO wireless LAN, which arises from passwords being stored in clear text. An attacker could exploit the vulnerability to gain access to the product's login page to obtain...

9.8CVSS6.6AI score0.00561EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/10/16 7:39 p.m.9 views

CVE-2023-5089 Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page)

The Defender Security WordPress plugin before 4.1.0 does not prevent redirects to the login page via the authredirect WordPress function, allowing an unauthenticated visitor to access the login page, even when the hide login page functionality of the plugin is enabled...

7.1AI score0.02235EPSS
Exploits3References2
Positive Technologies
Positive Technologies
added 2022/09/18 12:0 a.m.10 views

PT-2022-25526 · Modern Campus · Modern Campus - Omni Cms

Name of the Vulnerable Software and Affected Versions: Modern Campus Omni CMS formerly OU Campus version 10.2.4 Description: The issue allows for SQL injection via a specific substring on the login page. This can be achieved by using a substring such as ' OR 1 = 1 -- - , ?php'. Recommendations: F...

9.8CVSS9.6AI score0.00807EPSS
Exploits1References4
CNVD
CNVD
added 2016/04/28 12:0 a.m.6 views

LOCKON EC-CUBE Access Privilege Vulnerability (CNVD-2016-02686)

LOCKON EC-CUBE is an open source e-commerce website building platform developed by Japan LOCKON Co. The platform supports product login, user evaluation, artwork layout and so on. An access privilege vulnerability exists in LOCKON EC-CUBE versions 3.0.0 through 3.0.9. A remote attacker can exploi...

5.3CVSS7AI score0.01301EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/04/26 4:56 a.m.4 views

EC-CUBE fails to restrict access permissions

Overview EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE fails to restrict access permissions. Note that this vulnerability is different from JVN11458774. Gen Sato of TRADE WORKS Co.,Ltd. Security Dept. reported this vulnerability to IPA. JPCERT/CC...

5.3CVSS6.7AI score0.01301EPSS
Exploits0References6
securityvulns
securityvulns
added 2002/04/04 12:0 a.m.41 views

SQL injection in PHPGroupware

Preface PHPGroupware is a Groupware application written in PHP. It provides a framework of applications like calendar, ToDo list, notes, HR management, that come with PHPGroupware as well as an API to write new applications. All data is stored in an SQL database. + Problem PHPGroupware 0.9.12 the...

0.1AI score
Exploits0
Rows per page
Query Builder