EUVD-2015-4009

Malware in sbrugna...

EUVD-2006-5146

Malware in sbrugna...

EUVD-2025-31136

Malicious code in bioql PyPI...

CVE-2025-10879

All versions of Dingtian DT-R002 are vulnerable to an Insufficiently Protected Credentials vulnerability that could allow an attacker to retrieve the current user's username without authentication...

CVE-2025-10879

All versions of Dingtian DT-R002 are vulnerable to an Insufficiently Protected Credentials vulnerability that could allow an attacker to retrieve the current user's username without authentication...

PT-2025-39427

Name of the Vulnerable Software and Affected Versions Dingtian DT-R002 affected versions not specified Description The software contains a flaw related to Insufficiently Protected Credentials. This could allow an attacker to retrieve the current user's username without authentication...

Linux Distros Unpatched Vulnerability : CVE-2020-10804

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username in...

CVE-2022-34047

An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows attackers to obtain usernames and passwords via view-source:http://IPADDRESS/setsafety.shtml?r=52300 and searching for var syspasswd...

SAP KMC WPC Information Disclosure Vulnerability

SAP KMC WPC is a combination of enterprise content management and web publishing components from SAP. An information disclosure vulnerability exists in SAP KMC WPC, which can be exploited by an attacker to retrieve a user name via a simple parameter query, resulting in the disclosure of sensitive...

CVE-2025-26657

SAP KMC WPC allows an unauthenticated attacker to remotely retrieve usernames by a simple parameter query which could expose sensitive information causing low impact on confidentiality of the application. This has no effect on integrity and availability...

PT-2025-15366 · Sap · Sap Kmc Wpc

Name of the Vulnerable Software and Affected Versions: SAP KMC WPC affected versions not specified Description: The issue allows an unauthenticated attacker to remotely retrieve usernames by a simple parameter query, potentially exposing sensitive information and causing low impact on the...

General Electric D20 Password Recovery

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This module grabs the device configuration from a GE D20M RTU and parses the usernames and passwords from it. class MetasploitModule 'General Electric D20 Password...

SUSE CVE-2020-10804

In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php. A malicious user with access to the server could create a crafted username, and then...

phpMyAdmin SQL Injection

In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php. A malicious user with access to the server could create a crafted username, and then...

Xiuno BBS 访问控制错误漏洞

Xiuno BBS is an open source forum program based on PHP and MySQL. Xiuno BBS suffers from an Access Control Error vulnerability that stems from the product routeuser.php that allows retrieval of usernames. No details of the vulnerability are provided at this time...

IBM Data Risk Manager Information Disclosure Vulnerability

IBM Data Risk Manager is a data risk manager that helps discover, analyze and visualize business risks associated with data. An information disclosure vulnerability exists in IBM Data Risk Manager 2.0.6. An attacker could exploit this vulnerability to obtain sensitive username information via a...

Siemens Spectrum Power™ 4 Unsecure Storage of Sensitive Information Vulnerability

Spectrum Power™4 provides the basic components for modeling data for SCADA, communications, and control and monitoring systems. A security vulnerability exists in Siemens Spectrum Power™4. An attacker could exploit the vulnerability to cause the retrieval of a username...

CVE-2020-15132 Reset Password / Login vulnerability in Sulu

In Sulu before versions 1.6.35, 2.0.10, and 2.1.1, when the "Forget password" feature on the login screen is used, Sulu asks the user for a username or email address. If the given string is not found, a response with a 400 error code is returned, along with a error message saying that this user...

CVE-2020-10804

In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php. A malicious user with access to the server could create a crafted username, and then...

CVE-2020-10804

In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php. A malicious user with access to the server could create a crafted username, and then...