10 matches found
PT-2024-37516 · WordPress · Wps Hide Login
Name of the Vulnerable Software and Affected Versions: WPS Hide Login WordPress plugin versions prior to 1.9.16.4 Description: The issue allows an unauthenticated visitor to access the hidden login page due to the plugin not preventing redirects to the login page via the auth redirect WordPress...
PT-2024-2528 · Jetbrains · Jetbrains Teamcity +1
Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions prior to 2024.03 Description: The issue is related to an open redirect vulnerability on the login page of JetBrains TeamCity. This could allow a remote attacker to redirect a user to an arbitrary URL...
PT-2024-12880 · Unknown · Openclinic Ga
Name of the Vulnerable Software and Affected Versions: OpenClinic GA version 5.247.01 Description: A Reflected Cross-Site Scripting (XSS) issue has been discovered. The message parameter in the login.jsp is vulnerable. Recommendations: For OpenClinic GA version 5.247.01, avoid using the message...
PT-2024-19013 · Vantage6 · Vantage6
Name of the Vulnerable Software and Affected Versions: vantage6 versions prior to 4.2.0 Description: The vantage6 technology is used to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). It is possible to find out usernames from the respon...
PT-2023-24784 · Kyocera · Kyocera Taskalfa 4053Ci
Name of the Vulnerable Software and Affected Versions: Kyocera TASKalfa 4053ci printers through 2VG S000.002.561 Description: The issue allows identification of valid user accounts via username enumeration. This occurs because the system returns a "nicht einloggen" error rather than a "falsch"...
PT-2023-29764 · Wipotec Gmbh · Comscale
Name of the Vulnerable Software and Affected Versions: WIPOTEC GmbH ComScale versions 4.3.29.21344 through 4.4.12.723 Description: An issue in WIPOTEC GmbH ComScale allows unauthenticated attackers to log in as any user without a password. Recommendations: For versions 4.3.29.21344 and 4.4.12.723,...
PT-2023-6846 · Glpi +2 · Glpi +2
Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.10 Description: The issue is related to the lack of path filtering on the GLPI URL, which may allow an attacker to transmit a malicious URL of the login page to attempt a phishing attack on user credentials. This c...
PT-2023-28721 · Macrob7 · Macrob7 Macs Framework Content Management System
Name of the Vulnerable Software and Affected Versions: Macrob7 Macs Framework Content Management System (CMS) version 1.1.4f Description: The issue is related to a PHP type confusion vulnerability due to loose comparison in the isValidLogin function during a login attempt. This vulnerability can le...
PT-2023-5182 · Unknown · Qms Automotive
Name of the Vulnerable Software and Affected Versions: QMS Automotive versions prior to V12.39 Description: A vulnerability has been identified in QMS Automotive that allows an attacker to enumerate usernames and identify valid usernames due to the application returning inconsistent error message...
PT-2023-25741 · Sourcecodester · Sourcecodester Insurance Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Life Insurance Management System version 1.0 Description: A critical vulnerability was found in the SourceCodester Life Insurance Management System. This issue affects the file login.php and is caused by the manipulation of the...