1034 matches found
CVE-2022-47425
ARMember for WordPress
CVE-2022-47425 WordPress ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin <= 3.4.10 - Broken Access Control
Missing Authorization vulnerability in Repute Infosystems ARMember allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ARMember: from n/a through 3.4.10...
CVE-2022-47425 WordPress ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin <= 3.4.10 - Broken Access Control
Missing Authorization vulnerability in Repute Infosystems ARMember allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ARMember: from n/a through 3.4.10...
New Anonymous Phone Service
A new anonymous phone service allows you to sign up with just a zip code...
CVE-2023-53735
WEBIGniter 28.7.23 contains a cross-site scripting vulnerability in the user creation process that allows unauthenticated attackers to execute malicious JavaScript code, enabling potential XSS attacks...
A New Anonymous Phone Carrier Lets You Sign Up With Nothing but a Zip Code
Privacy stalwart Nicholas Merrill spent a decade fighting an FBI surveillance order. Now he wants to sell you phone service—without knowing almost anything about you...
CVE-2025-55796
The openml/openml.org web application version v2.0.20241110 uses predictable MD5-based tokens for critical user workflows such as signup confirmation, password resets, email confirmation resends, and email change confirmation. These tokens are generated by hashing the current timestamp formatted ...
CVE-2025-13583
A weakness has been identified in code-projects Question Paper Generator 1.0. This affects an unknown part of the file /signupscript.php of the component POST Parameter Handler. Executing manipulation of the argument Fname can lead to sql injection. The attack can be executed remotely. The exploi...
Malicious code in signup-failover (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 312b617198eea306feca99cf5c14a0edb7668482ca605c8e74c2d20f71eddd19 The package signup-failover was found to contain malicious code. Source: ghsa-malware 930d3ccde5bf7b3147cb807fddbc366f04c3185a70a8ff885f106503b657300...
EUVD-2025-198631
Malicious code in signup-failover npm...
MAL-2025-190650 Malicious code in signup-failover (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 312b617198eea306feca99cf5c14a0edb7668482ca605c8e74c2d20f71eddd19 The package signup-failover was found to contain malicious code. Source: ghsa-malware 930d3ccde5bf7b3147cb807fddbc366f04c3185a70a8ff885f106503b657300...
EUVD-2025-198610
A weakness has been identified in code-projects Question Paper Generator 1.0. This affects an unknown part of the file /signupscript.php of the component POST Parameter Handler. Executing manipulation of the argument Fname can lead to sql injection. The attack can be executed remotely. The exploi...
Code-Projects Question Paper Generator SQL注入漏洞
Code-Projects Question Paper Generator is an open source question paper generation software from Code-Projects. Code-Projects Question Paper Generator version 1.0 suffers from a SQL injection vulnerability that stems from incorrect manipulation of the parameter Fname in the file /signupscript.php...
CVE-2025-55796
The openml/openml.org web application version v2.0.20241110 uses predictable MD5-based tokens for critical user workflows such as signup confirmation, password resets, email confirmation resends, and email change confirmation. These tokens are generated by hashing the current timestamp formatted ...
CVE-2025-55796
The openml/openml.org web application version v2.0.20241110 uses predictable MD5-based tokens for critical user workflows such as signup confirmation, password resets, email confirmation resends, and email change confirmation. These tokens are generated by hashing the current timestamp formatted ...
CVE-2025-55796
The openml/openml.org web application version v2.0.20241110 uses predictable MD5-based tokens for critical user workflows such as signup confirmation, password resets, email confirmation resends, and email change confirmation. These tokens are generated by hashing the current timestamp formatted ...
CVE-2025-55796
The openml/openml.org web application version v2.0.20241110 uses predictable MD5-based tokens for critical user workflows such as signup confirmation, password resets, email confirmation resends, and email change confirmation. These tokens are generated by hashing the current timestamp formatted ...
PT-2025-47340
Name of the Vulnerable Software and Affected Versions openml/openml.org web application version v2.0.20241110 Description The web application generates predictable tokens based on MD5 hashing for critical user actions, including signup confirmation, password resets, email confirmation resends, an...
EUVD-2025-198034
The openml/openml.org web application version v2.0.20241110 uses predictable MD5-based tokens for critical user workflows such as signup confirmation, password resets, email confirmation resends, and email change confirmation. These tokens are generated by hashing the current timestamp formatted ...
CVE-2025-55796
OpenML Frontend (openml.org) web app version v2.0.20241110 is affected by a token-generation flaw. Tokens used for signup confirmation, password resets, email confirmations/resends, and email changes are MD5-based and generated from the current timestamp (format "%d %H:%M:%S") without user-specif...