CVE-2019-25741

Mobatek MobaXterm 12.1 contains a structured exception handling SEH based buffer overflow vulnerability in the username field of session files that allows remote attackers to execute arbitrary code. Attackers can craft a malicious MobaXterm sessions file with overflow data that triggers the...

EUVD-2019-20177

Mobatek MobaXterm 12.1 contains a structured exception handling SEH based buffer overflow vulnerability in the username field of session files that allows remote attackers to execute arbitrary code. Attackers can craft a malicious MobaXterm sessions file with overflow data that triggers the...

CVE-2019-25741 Mobatek MobaXterm 12.1 Buffer Overflow via Sessions File

Mobatek MobaXterm 12.1 contains a structured exception handling SEH based buffer overflow vulnerability in the username field of session files that allows remote attackers to execute arbitrary code. Attackers can craft a malicious MobaXterm sessions file with overflow data that triggers the...

CVE-2019-25741 Mobatek MobaXterm 12.1 Buffer Overflow via Sessions File

Mobatek MobaXterm 12.1 contains a structured exception handling SEH based buffer overflow vulnerability in the username field of session files that allows remote attackers to execute arbitrary code. Attackers can craft a malicious MobaXterm sessions file with overflow data that triggers the...

CVE-2019-25741

Mobatek MobaXterm 12.1 is affected by a SEH-based buffer overflow in the username field of session files. An attacker can craft a malicious sessions file that overflows the username, triggering code execution when imported, potentially enabling a reverse shell with the user’s privileges. The CVE ...

PT-2026-46211

Mobatek MobaXterm 12.1 contains a structured exception handling SEH based buffer overflow vulnerability in the username field of session files that allows remote attackers to execute arbitrary code. Attackers can craft a malicious MobaXterm sessions file with overflow data that triggers the...

CVE-2026-10225

The CVE describes a SQL injection in the raisulislamg4 student_management_system_by_php, affecting the Login component via login_check.php when manipulating the Username argument. The issue is exploitable remotely over a NETWORK attack vector with LOW attack complexity and NO privileges required,...

CVE-2026-9380 Edimax BR-6675nD POST Request formL2TPSetup buffer overflow

A security vulnerability has been detected in Edimax BR-6675nD 1.12. Affected is the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. Such manipulation of the argument L2TPUserName leads to buffer overflow. The attack can be launched remotely. The...

CVE-2026-41932 Vvveb < 1.0.8.3 Stored XSS via Signup Controller

Vvveb before 1.0.8.3 contains a stored cross-site scripting vulnerability in the customer signup flow where the Signup::addUser controller copies raw POST username values into the displayname field before sanitization occurs. Attackers can submit HTML and script markup in the username field durin...

EUVD-2026-30296

Vvveb before 1.0.8.3 contains a stored cross-site scripting vulnerability in the customer signup flow where the Signup::addUser controller copies raw POST username values into the displayname field before sanitization occurs. Attackers can submit HTML and script markup in the username field durin...

CVE-2026-41462

ProjeQtor versions 7.0 through 12.4.3 contain an unauthenticated SQL injection vulnerability in the login functionality where the login variable is directly concatenated into a SQL query without parameterization or sanitization. Attackers can inject arbitrary SQL expressions through the username...

EUVD-2024-31033

Prison Management System Using PHP v1.0 was discovered to contain a SQL injection vulnerability via the username on the Admin login page...

CVE-2026-8132

CVE-2026-8132 affects CodeAstro Leave Management System 1.0. The vulnerability resides in an unknown function of login.php, where manipulation of the txt_username argument enables SQL injection. The issue can be triggered remotely and the exploit has been made public, indicating realism and poten...

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection via the username field in the FSx Windows File Server volume mounting process. An attacker can execute arbitrary shell commands with SYSTEM privileges on the underlying host by supplying specially crafted input. This i...

CVE-2026-41462

ProjeQtor versions 7.0 through 12.4.3 contain an unauthenticated SQL injection vulnerability in the login functionality where the login variable is directly concatenated into a SQL query without parameterization or sanitization. Attackers can inject arbitrary SQL expressions through the username...

CVE-2026-39109

SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 within the username parameter of the login page index.php. This allows an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve sensitive database...

CVE-2019-25701 Easy Video to iPod Converter 1.6.20 Local Buffer Overflow SEH

Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that allows local attackers to overwrite the structured exception handler. Attackers can input a crafted payload exceeding 996 bytes in the username field to trigger SEH overwrite and...

CVE-2019-25701

Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that allows local attackers to overwrite the structured exception handler. Attackers can input a crafted payload exceeding 996 bytes in the username field to trigger SEH overwrite and...

CVE-2019-25701 Easy Video to iPod Converter 1.6.20 Local Buffer Overflow SEH

Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that allows local attackers to overwrite the structured exception handler. Attackers can input a crafted payload exceeding 996 bytes in the username field to trigger SEH overwrite and...

PT-2026-32165

Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that allows local attackers to overwrite the structured exception handler. Attackers can input a crafted payload exceeding 996 bytes in the username field to trigger SEH overwrite and...