24 matches found
ZZcms - Cross-Site Scripting
ZZcms 2019 contains a cross-site scripting vulnerability in the user login page. An attacker can inject arbitrary JavaScript code in the referer header via user/login.php, which can allow theft of cookie-based credentials and launch of subsequent attacks. id: CVE-2020-20285 info: name: ZZcms -...
AVideo has an Open Redirect via Unvalidated redirectUri in userLogin.php
Summary WWBN/AVideo contains an open redirect vulnerability in the login flow where a user-supplied redirectUri parameter is reflected directly into a JavaScript document.location assignment without JavaScript-safe encoding. After a user completes the login popup flow, a timer callback executes t...
CVE-2021-31631
b2evolution CMS v7.2.3 was discovered to contain a Cross-Site Request Forgery CSRF via the User login page. This vulnerability allows attackers to escalate privileges...
PT-2025-50766
Name of the Vulnerable Software and Affected Versions KodExplorer version 4.52 Description KodExplorer 4.52 contains an open redirect issue in the user login page. Attackers can manipulate the link parameter to redirect users to arbitrary external websites after authentication. The vulnerable...
CVE-2024-44653
Kashipara Ecommerce Website 1.0 is vulnerable to SQL Injection via the useremail parameter in userlogin.php...
ZenTao多款产品 安全漏洞
ZenTao Biz and others are a project management software from the Chinese company ZenTao. A security vulnerability exists in several ZenTao products, which stems from insufficient validation of the parameter account in the file /zentao/user-login.html, which could lead to an SQL injection attack...
EUVD-2020-13072
Malware in sbrugna...
EUVD-2021-18520
Malware in sbrugna...
EUVD-2014-1989
Malware in sbrugna...
CVE-2020-20285
There is a XSS in the user login page in zzcms 2019. Users can inject js code by the referer header via user/login.php...
CVE-2023-5142
A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. This vulnerability affects unknown code of the file /userLogin.asp of th...
Piyanas 0.1 Cross Site Request Forgery
==================================================================================================================================== | Title : Piyanas v0.1 User Login Page CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 69.032-bit | ...
CVE-2021-31631
b2evolution CMS v7.2.3 was discovered to contain a Cross-Site Request Forgery CSRF via the User login page. This vulnerability allows attackers to escalate privileges...
CVE-2021-31631
b2evolution CMS v7.2.3 was discovered to contain a Cross-Site Request Forgery CSRF via the User login page. This vulnerability allows attackers to escalate privileges...
CVE-2021-31631
b2evolution CMS v7.2.3 was discovered to contain a Cross-Site Request Forgery CSRF via the User login page. This vulnerability allows attackers to escalate privileges...
CVE-2020-29228
EGavilanMedia User Registration and Login System With Admin Panel 1.0 is affected by SQL injection in the User Login Page...
CVE-2020-20285
There is a XSS in the user login page in zzcms 2019. Users can inject js code by the referer header via user/login.php...
CVE-2020-20285
ZZCMS 2019 contains a cross-site scripting vulnerability in the user login page. An attacker can inject arbitrary JavaScript via the referer header in user/login.php, as documented by the Nuclei template for CVE-2020-20285. Impact per the connected sources includes potential theft of cookies and ...
ZZCMS 跨站脚本漏洞
ZZCMS is the content management system of Webmaster Merchants. A cross-site scripting vulnerability exists in the user login page of zzcms 2019. An attacker can exploit this vulnerability by injecting js code via user/login.php via the referer header...
EgavilanMedia User Registration & Login System with Admin Panel 1.0 - CSRF
Exploit Title: EgavilanMedia User Registration & Login System with Admin Panel 1.0 - CSRF Date: 01-12-2020 Exploit Author: Hardik Solanki Vendor Homepage: http://egavilanmedia.com Software Link:...