EUVD-2021-32786

Malicious code in bioql PyPI...

My Calendar < 3.4.24 - Authenticated Stored XSS

Description The plugin does not sanitise and escape some parameters, which could allow users with a role as low as Subscriber to perform Cross-Site Scripting attacks depending on the permissions set by the admin 1. Use any type of role as long as you permit it the action to Add Events. 2. Add a n...

Cross site scripting

uscat, as of 2021-12-28, is vulnerable to Cross Site Scripting XSS via "close registration information" input box...

User Management System 2.0 - Persistent Cross-Site Scripting

Exploit Title: User Management System 2.0 - Persistent Cross-Site Scripting Author: Besim ALTINOK Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/user-registration-login-and-user-management-system-with-admin-panel/ Version: v2.0 Tested on: Xampp Credit: İsmail BOZKU...

CVE-2006-2402

Buffer overflow in the changeRegistration function in servernet.cpp for Outgun 1.0.3 bot 2 and earlier allows remote attackers to change the registration information of other players via a long string...

CVE-2006-2402

Buffer overflow in the changeRegistration function in servernet.cpp for Outgun 1.0.3 bot 2 and earlier allows remote attackers to change the registration information of other players via a long string...

CVE-2002-1934

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 2.0.1 leaks sensitive information during boot-up, which allows attackers to obtain the MD5 hash of the Admin password, MD5 hash of the physical password, and other registration information...

PT-2002-2655 · Pingtel · Xpressa

Name of the Vulnerable Software and Affected Versions: Pingtel xpressa SIP-based voice-over-IP phone versions 1.2.5 through 2.0.1 Description: The issue allows attackers to obtain sensitive information, including the MD5 hash of the Admin password, MD5 hash of the physical password, and other...

CyberPatrol - poor credit card protection

CyberPatrol - poor credit card protection SUMMARY Product: Cyber Patrol vunerable versions: 4.04.003 & 4.04.005 possibly all other versions non-vunerable versions: unknown Vendor: Microsys formerly owned by Mattel, now JSB Vendor Contacted: Fri, 18 Aug 2000 11:52:20 -0500 CDT Fixes: None availabl...

Microsys CyberPatrol 4.0 4.0034.0 4.005 - Insecure Registration

Microsys CyberPatrol 4.0 4.0034.0 4.005 - Insecure Registration source: https://www.securityfocus.com/bid/1977/info CyberPatrol is popular web access restriction software by Microsys. A vulnerability exists in the way CyberPatrol submits registration information from its client software to...