202 matches found
CVE-2025-40736
A vulnerability has been identified in SINEC NMS All versions V4.0. The affected application exposes an endpoint that allows an unauthorized modification of administrative credentials. This could allow an unauthenticated attacker to reset the superadmin password and gain full control of the...
CVE-2019-16173
LimeSurvey before v3.17.14 allows reflected XSS for escalating privileges from a low-privileged account to, for example, SuperAdmin. This occurs in application/core/SurveyCommonAction.php,...
Incorrect Permission Assignment for Critical Resource
Overview xmo/mine-core is a mineadmin core package Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource due to login to the superAdmin account by using the default credentials. An attacker can execute arbitrary commands and gain full account...
📄 Xorcom CompletePBX 5.2.35 Remote Code Execution
Xorcom CompletePBX suffers from an authenticated command injection vulnerability within the Task Scheduler subsystem. An attacker with valid superadmin credentials can create a scheduled task containing unsanitized parameters that get executed by the backend, resulting in remote command execution...
EUVD-2025-44058
A Cross-Site Request Forgery CSRF vulnerability in the SourceCodester Client Database Management System 1.0 allows an attacker to cause an authenticated administrative user to perform user deletion actions without their consent. The application's user deletion endpoint e.g.,...
GHSA-G59R-24G3-H7CM Statamic Vulnerable to Superadmin Account Takeover via Stored Cross-Site Scripting and Lack of Proper X-CSRF-TOKEN Server-Side Validation
Impact Stored XSS vulnerabilities in Collections and Taxonomies allow authenticated users with content creation permissions to inject malicious JavaScript that executes when viewed by higher-privileged users. This affects: - Control panel users with permission to create or edit Collections and...
Statamic Vulnerable to Superadmin Account Takeover via Stored Cross-Site Scripting and Lack of Proper X-CSRF-TOKEN Server-Side Validation
Impact Stored XSS vulnerabilities in Collections and Taxonomies allow authenticated users with content creation permissions to inject malicious JavaScript that executes when viewed by higher-privileged users. This affects: - Control panel users with permission to create or edit Collections and...
EUVD-2014-0680
Malware in sbrugna...
EUVD-2008-0585
Malware in sbrugna...
EUVD-2006-5721
Malware in sbrugna...
EUVD-2010-4698
Malware in sbrugna...
EUVD-2020-2694
Malware in sbrugna...
EUVD-2024-1920
Malicious code in bioql PyPI...
EUVD-2025-20433
Malicious code in bioql PyPI...
EUVD-2022-44534
Malicious code in bioql PyPI...
EUVD-2022-5098
Malicious code in bioql PyPI...
EUVD-2022-28170
Malicious code in bioql PyPI...
EUVD-2025-28404
Malicious code in bioql PyPI...
EUVD-2023-0963
Malicious code in bioql PyPI...
EUVD-2024-47897
Malicious code in bioql PyPI...