CVE-2023-37468 Storing unencrypted LDAP passwords in feedbacksystem
Feedbacksystem is a personalized feedback system for students using artificial intelligence. Passwords of users using LDAP login are stored in clear text in the database. The LDAP user's password is passed unencrypted in the LoginController.scala and stored in the database when logging in for the...
CVE-2015-2099
Multiple buffer overflows in WebGate Control Center allow remote attackers to execute arbitrary code via unspecified vectors to the (1) GetRecFileInfo function in the FileConverter.FileConverterCtrl.1 control, (2) Login function in the LoginContoller.LoginControllerCtrl.1 control, or (3) GetThumbnail...
CVE-2017-14145
HelpDEZk 1.1.1 has SQL Injection in app\modules\admin\controllers\loginController.php via the admin/login/getWarningInfo/id/ PATH_INFO, related to the selectWarning function...
Mao10CMS V3.1.0 SQL Injection 2
Brief description: Mao10CMS V3.1.0 SQL injection 2, another instance. Details: Application\User\Controller\LoginController.class.php, line 17: $pageid = M('meta')->where("metakey='username' AND metavalue='".I('param.username')."' AND type='user'")->getField('pageid'); I('param.username') is not filtered, so SQL injection is possible. payload: ' and sleep5 Injection is confirmed to work. Proof of vulnerability:...
IBM Rational Focal Point LoginController Servlet Information Disclosure Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Rational Focal Point. Authentication is not required to exploit this vulnerability. The specific flaw exists within com.telelogic.focalpoint.pres.controller.LoginController servlet which contai...