75 matches found
PT-2026-5474
Name of the Vulnerable Software and Affected Versions Infor Storefront B2B version 1.0 Description Infor Storefront B2B version 1.0 contains a SQL injection issue that allows attackers to manipulate database queries. This is achieved through the usr name parameter within login requests. Attackers...
EUVD-2022-55927
H3C SSL VPN contains a user enumeration vulnerability that allows attackers to identify valid usernames through the 'txtUsrName' POST parameter. Attackers can submit different usernames to the loginsubmit.cgi endpoint and analyze response messages to distinguish between existing and non-existing...
EUVD-2025-204687
A vulnerability was found in code-projects Simple Stock System 1.0. Impacted is an unknown function of the file /logout.php. The manipulation of the argument uname results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...
CVE-2021-47717
IntelliChoice eFORCE Software Suite 2.5.9 contains a username enumeration vulnerability that allows attackers to enumerate valid users by exploiting the 'ctl00$MainContent$UserName' POST parameter. Attackers can send requests with valid usernames to retrieve user information...
IntelliChoice eFORCE Software Suite 安全漏洞
IntelliChoice eFORCE Software Suite is an integrated software for public safety and law enforcement agencies from IntelliChoice USA. A security vulnerability exists in IntelliChoice eFORCE Software Suite version 2.5.9, which stems from a username enumeration issue with the UserName parameter that...
EUVD-2025-198998
alinto SOGo 5.12.3 is vulnerable to Cross Site Scripting XSS via the "userName" parameter...
CVE-2025-63498
alinto SOGo 5.12.3 is vulnerable to Cross Site Scripting XSS via the "userName" parameter...
UBUNTU-CVE-2025-63498
alinto SOGo 5.12.3 is vulnerable to Cross Site Scripting XSS via the "userName" parameter...
CVE-2025-63498
alinto SOGo 5.12.3 is vulnerable to Cross Site Scripting XSS via the "userName" parameter...
CVE-2025-61539
Cross site scripting XSS vulnerability in Ultimate PHP Board 2.2.7 via the uname parameter in lostpassword.php...
EUVD-2009-2336
Malware in sbrugna...
EUVD-2017-5905
Malware in sbrugna...
EUVD-2025-32467
A vulnerability was identified in Belkin F9K1015 1.00.10. The affected element is an unknown function of the file /goform/formWanTcpipSetup. The manipulation of the argument pppUserName leads to buffer overflow. It is possible to initiate the attack remotely. The exploit is publicly available and...
EUVD-2022-32545
Malicious code in bioql PyPI...
SiempreCMS SQL注入漏洞
SiempreCMS is a content management system of SiempreCMS open source. SiempreCMS 1.3.6 and earlier versions have a SQL injection vulnerability that stems from incorrect manipulation of the parameter name/userName in the file usersearchajax.php resulting in SQL injection...
Modern Bag login-back.php File SQL Injection Vulnerability
Modern Bag is an online management system. Modern Bag suffers from a SQL injection vulnerability that stems from an error in the parameter user-name in file /admin/login-back.php that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute...
Code-Projects Modern Bag 注入漏洞
Modern Bag is an online management system. Modern Bag suffers from a SQL injection vulnerability that stems from an error in the parameter user-name in file /admin/login-back.php that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute...
CVE-2023-26959
Phpgurukul Park Ticketing Management System 1.0 is vulnerable to SQL Injection via the User Name parameter...
Gym Management System 注入漏洞
Gym Management System is a gym management system from SourceCodester. An injection vulnerability exists in Gym Management System version 1.0, which stems from an incorrect manipulation of the parameter username that can lead to SQL injection...
WordPress plugin Yotpo: Product & Photo Reviews for WooCommerce 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability...