82 matches found
CVE-2026-53949 Ghost Content API filter bypass reveals private fields
Ghost is a Node.js content management system. From 5.46.1 until 6.21.2, the validation applied to filters on the public API endpoints could be partially bypassed, making it possible to reveal private fields via a brute force attack. If SQLite was used as the database password hashes were fully...
CVE-2020-37116
GUnet OpenEclass 1.7.3 includes phpMyAdmin 2.10.0.2 by default, which allows remote logins. Attackers with access to the platform can remotely access phpMyAdmin and, after uploading a shell, view the config.php file to obtain the MySQL password, leading to full database compromise...
CVE-2020-37116 GUnet OpenEclass 1.7.3 E-learning platform - phpMyAdmin Remote Access
GUnet OpenEclass 1.7.3 includes phpMyAdmin 2.10.0.2 by default, which allows remote logins. Attackers with access to the platform can remotely access phpMyAdmin and, after uploading a shell, view the config.php file to obtain the MySQL password, leading to full database compromise...
EUVD-2020-30979
GUnet OpenEclass 1.7.3 includes phpMyAdmin 2.10.0.2 by default, which allows remote logins. Attackers with access to the platform can remotely access phpMyAdmin and, after uploading a shell, view the config.php file to obtain the MySQL password, leading to full database compromise...
CVE-2020-37116
GUnet OpenEclass 1.7.3 includes phpMyAdmin 2.10.0.2 by default, which allows remote logins. Attackers with access to the platform can remotely access phpMyAdmin and, after uploading a shell, view the config.php file to obtain the MySQL password, leading to full database compromise...
PT-2026-5861
GUnet OpenEclass 1.7.3 includes phpMyAdmin 2.10.0.2 by default, which allows remote logins. Attackers with access to the platform can remotely access phpMyAdmin and, after uploading a shell, view the config.php file to obtain the MySQL password, leading to full database compromise...
CVE-2003-1480
MySQL 3.20 through 4.1.0 uses a weak algorithm for hashed passwords, which makes it easier for attackers to decrypt the password via brute force methods...
EUVD-2004-1225
Malware in sbrugna...
EUVD-2014-8441
Malware in sbrugna...
EUVD-2007-2758
Malware in sbrugna...
EUVD-2011-3160
Malware in sbrugna...
EUVD-2005-4655
Malware in sbrugna...
EUVD-2019-1988
Malware in sbrugna...
EUVD-2001-1236
Malware in sbrugna...
EUVD-2017-9524
Malware in sbrugna...
EUVD-2022-2415
Malicious code in bioql PyPI...
CVE-2017-18408
cPanel before 67.9999.103 allows stored XSS in WHM MySQL Password Change interfaces SEC-282...
Default credentials
Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability allows an attacker to perform a brute force attack and easily discover the root password...
The vulnerability in the corporate version of the GitHub Enterprise Server, related to the improper assignment of permissions for files, allows a violator to obtain the MySQL password.
The vulnerability in the corporate version of the GitHub Enterprise Server is related to the improper assignment of permissions for files. Exploiting this vulnerability could allow a hacker to obtain the MySQL password...
PT-2023-6495 · Github · Github Enterprise Server
Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server affected versions not specified Description: The issue is related to incorrect permission assignment for files in the corporate version of GitHub Enterprise Server. This could allow an attacker to obtain the MySQL...