CVE-2020-21179

Sql injection vulnerability in koa2-blog 1.0.0 allows remote attackers to Injecting a malicious SQL statement via the name parameter to the signin page...

CVE-2014-8293

Cross-site scripting XSS vulnerability in Voice Of Web AllMyGuests 0.4.1 allows remote attackers to inject arbitrary web script or HTML via the AMGsignintopic parameter to index.php...

PT-2024-17815 · Unknown · Codeastro House Rental Management System

Name of the Vulnerable Software and Affected Versions: CodeAstro House Rental Management System version 1.0 Description: A critical issue affects some unknown functionality of the file /signin.php. The manipulation of the argument u/p leads to SQL injection. The attack may be launched remotely. T...

CVE-2024-12791

A vulnerability was found in Codezips E-Commerce Site 1.0. It has been rated as critical. This issue affects some unknown processing of the file signin.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the...

Codezips E-Commerce Site 注入漏洞

Codezips E-Commerce Site is an open source e-commerce site by Codezips. An injection vulnerability exists in Codezips E-Commerce Site version 1.0, which stems from an SQL injection vulnerability contained in the email parameter of the signin.php file...

PT-2024-17742 · Unknown · Codezips E-Commerce Site

Name of the Vulnerable Software and Affected Versions: Codezips E-Commerce Site version 1.0 Description: A critical issue has been found in the signin.php file, affecting unknown processes. The manipulation of the email argument leads to SQL injection. The attack can be initiated remotely. The...

WordPress Sign In With Google plugin <= 1.8.0 - Authentication Bypass in authenticate_user vulnerability

Authentication Bypass in authenticateuser vulnerability discovered by shaman0x01 in WordPress Plugin Sign In With Google versions = 1.8.0...

GHSA-64F8-PJGR-9WMR Untrusted Query Object Evaluation in RPC API

During the sign in and sign up operations through the SurrealDB RPC API, an arbitrary object would be accepted in order to support a wide array of types and structures that could contain user credentials. This arbitrary object could potentially contain any SurrealDB value, including an object...

Untrusted Query Object Evaluation in RPC API

During the sign in and sign up operations through the SurrealDB RPC API, an arbitrary object would be accepted in order to support a wide array of types and structures that could contain user credentials. This arbitrary object could potentially contain any SurrealDB value, including an object...

GO-2024-2848 Grafana when using email as a username can block other users from signing in in github.com/grafana/grafana

Grafana when using email as a username can block other users from signing in in github.com/grafana/grafana. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...

CVE-2024-0545

A vulnerability classified as problematic was found in CodeCanyon RISE Ultimate Project Manager 3.5.3. This vulnerability affects unknown code of the file /index.php/signin. The manipulation of the argument redirect with the input http://evil.com leads to open redirect. The attack can be initiate...

CVE-2024-0545 CodeCanyon RISE Rise Ultimate Project Manager signin redirect

A vulnerability classified as problematic was found in CodeCanyon RISE Rise Ultimate Project Manager 3.5.3. This vulnerability affects unknown code of the file /index.php/signin. The manipulation of the argument redirect with the input http://evil.com leads to open redirect. The attack can be...

CVE-2024-0545 CodeCanyon RISE Ultimate Project Manager signin redirect

A vulnerability classified as problematic was found in CodeCanyon RISE Ultimate Project Manager 3.5.3. This vulnerability affects unknown code of the file /index.php/signin. The manipulation of the argument redirect with the input http://evil.com leads to open redirect. The attack can be initiate...

CodeCanyon RISE Ultimate Project Manager Input Validation Error Vulnerability

CodeCanyon RISE Ultimate Project Manager is a project management and CRM software from CodeCanyon, Inc. An input validation error vulnerability exists in CodeCanyon RISE Ultimate Project Manager version 3.5.3, which stems from an open redirection vulnerability in file /index.php/signin...

PT-2024-15645 · Unknown · Codecanyon Rise Ultimate Project Manager

Name of the Vulnerable Software and Affected Versions: CodeCanyon RISE Rise Ultimate Project Manager version 3.5.3 Description: A problematic vulnerability was found in the CodeCanyon RISE Rise Ultimate Project Manager, affecting the file /index.php/signin. The manipulation of the redirect argume...

CVE-2023-6415

A vulnerability has been reported in Voovi Social Networking Script that affects version 1.0 and consists of a SQL injection via signin.php in the user parameter. Exploitation of this vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all...

FUXA SQL Injection vulnerability

FUXA = 1.1.12 is vulnerable to SQL Injection via /api/signin...

CVE-2023-31719

FUXA = 1.1.12 is vulnerable to SQL Injection via /api/signin...

CVE-2023-31719

FUXA = 1.1.12 is vulnerable to SQL Injection via /api/signin...

CVE-2023-31719

FUXA = 1.1.12 is vulnerable to SQL Injection via /api/signin...