LatePoint <= 5.0.12 - Authentication Bypass

LatePoint plugin for WordPress versions up to 5.0.12 contains an authentication bypass caused by insufficient verification of user during booking, letting unauthenticated attackers log in as any existing user if they have user ID access, exploit requires access to user ID, and the 'Use WordPress...

ZZcms - Cross-Site Scripting

ZZcms 2019 contains a cross-site scripting vulnerability in the user login page. An attacker can inject arbitrary JavaScript code in the referer header via user/login.php, which can allow theft of cookie-based credentials and launch of subsequent attacks. id: CVE-2020-20285 info: name: ZZcms -...

mooSocial v.3.1.8 - Cross-Site Scripting

A cross-site Scripting XSS vulnerability in mooSocial v.3.1.8 allows a remote attacker to execute arbitrary code by sending a crafted payload to the adminredirecturl parameter of the user login function. id: CVE-2023-44812 info: name: mooSocial v.3.1.8 - Cross-Site Scripting author: ritikchaddha...

CVE-2026-10731

SQL injection in the ‘twostepsauthcode’ parameter processed by the ‘twoStepsAuthVerification’ function within the ‘/user-login’ endpoint. The two-factor authentication 2FA functionality can be accessed without prior authentication, allowing unauthenticated attackers to execute arbitrary SQL queri...

CVE-2026-10731

SQL injection in the ‘twostepsauthcode’ parameter processed by the ‘twoStepsAuthVerification’ function within the ‘/user-login’ endpoint. The two-factor authentication 2FA functionality can be accessed without prior authentication, allowing unauthenticated attackers to execute arbitrary SQL queri...

CVE-2026-10731 SQL injection in Nemon products

SQL injection in the ‘twostepsauthcode’ parameter processed by the ‘twoStepsAuthVerification’ function within the ‘/user-login’ endpoint. The two-factor authentication 2FA functionality can be accessed without prior authentication, allowing unauthenticated attackers to execute arbitrary SQL queri...

CVE-2026-10731 SQL injection in Nemon products

SQL injection in the ‘twostepsauthcode’ parameter processed by the ‘twoStepsAuthVerification’ function within the ‘/user-login’ endpoint. The two-factor authentication 2FA functionality can be accessed without prior authentication, allowing unauthenticated attackers to execute arbitrary SQL queri...

CVE-2026-10731

CVE-2026-10731 describes a SQL injection flaw in the two_steps_auth_code parameter processed by the twoStepsAuthVerification function in the /user-login endpoint of Nemon products. The vulnerability allows unauthenticated attackers to execute arbitrary SQL on the backend database, potentially ena...

EUVD-2026-35387

SQL injection in the ‘twostepsauthcode’ parameter processed by the ‘twoStepsAuthVerification’ function within the ‘/user-login’ endpoint. The two-factor authentication 2FA functionality can be accessed without prior authentication, allowing unauthenticated attackers to execute arbitrary SQL queri...

PT-2026-47729

SQL injection in the ‘two steps auth code’ parameter processed by the ‘twoStepsAuthVerification’ function within the ‘/user-login’ endpoint. The two-factor authentication 2FA functionality can be accessed without prior authentication, allowing unauthenticated attackers to execute arbitrary SQL...

CVE-2026-3655

The OTP Login With Phone Number, OTP Verification plugin for WordPress is vulnerable to authentication bypass in versions 1.8.50 through 1.8.60. This is due to the Firebase verification flow in the lwpajaxregister AJAX handler not binding the Firebase session to the phone number supplied in the...

CVE-2026-8360

Function calls to WOSCommonUtil.dll!WOSSysInfoGetDeviceInterface in various DLLs i.e., WOSProfileMgrModule.dll, WOSWebDavModule.dll can return a NULL pointer i.e., when no user is logged into the Triofox Server Agent Management Console. The returned NULL pointer is not checked before being...

EUVD-2026-32079

The Firebase Support & Chat Management plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.1.1. This is due to the firebaseauth function authenticating the request as the WordPress user whose email is supplied in the useremail POST parameter without...

CVE-2026-42098 Authorization Bypass in Sparx Enterprise Architect

Sparx Enterprise Architect software has a security feature that limits user's actions to those specified in the role. An authenticated attacker can modify the Enterprise Architect client behavior e.g. using a debugger and log in as any other user or administrator - then it is possible to do every...

Reliance on Untrusted Inputs in a Security Decision

Overview sillytavern is a LLM Frontend for Power Users Affected versions of this package are vulnerable to Reliance on Untrusted Inputs in a Security Decision via the headerUserLogin function. An attacker can gain unauthorized access to any user account, including administrators, by injecting...

CVE-2026-5794

The CVE-2026-5794 entry concerns Cryptobox. A vulnerability in the detailed versions of Cryptobox allows an authenticated user to cause an account lockout for another user by sending a specially crafted request. The documented impact is on availability (high) with no confidentiality or integrity ...

EUVD-2026-26045

mpGabinet performs client-side authentication. An attacker with access to any application instance connected to the backend server can bypass the login verification process by manipulating the application binary and authenticate as an arbitrary user. This issue affects mpGabinet version 23.12.19...

CVE-2025-14362

The login limit is not enforced on the SFTP service of Fortra's GoAnywhere MFT prior to 7.10.0 if the Web User attempting to be logged in to is configured to log in with an SSH Key, making the SSH key vulnerable to being guessed via Brute Force...

EUVD-2026-21386

PHP-MYSQL-User-Login-System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at login.php...

CVE-2026-33746 Convoy: JWT Signature Verification Bypass Allows Authentication as Arbitrary Users

Convoy is a KVM server management panel for hosting businesses. From version 3.9.0-beta to before version 4.5.1, the JWTService::decode method did not verify the cryptographic signature of JWT tokens. While the method configured a symmetric HMAC-SHA256 signer via lcobucci/jwt, it only validated...