152 matches found
EUVD-2003-0666
Malware in sbrugna...
EUVD-2018-8543
Malware in sbrugna...
EUVD-2015-0895
Malware in sbrugna...
EUVD-2025-30215
Malicious code in bioql PyPI...
EUVD-2023-27115
Malicious code in bioql PyPI...
EUVD-2022-3380
Malicious code in bioql PyPI...
Liferay Portal和Liferay DXP 跨站脚本漏洞
Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...
CVE-2025-59715
SMSEagle before 6.11 allows reflected XSS via a username or contact phone number...
CVE-2025-59715
SMSEagle prior to 6.11 is affected by a reflected XSS vulnerability that can be triggered via a username or a contact phone number. Affected software: SMSEagle before 6.11. Underlying cause: reflected XSS in input handling. Impact: potential client-side script execution. Exploitation details are ...
PT-2025-38506
Name of the Vulnerable Software and Affected Versions SMSEagle versions prior to 6.11 Description SMSEagle is susceptible to a reflected cross-site scripting XSS issue. The vulnerability occurs through manipulation of a username or contact phone number. Recommendations Update to version 6.11 or...
CVE-2025-55629
Insecure permissions in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.46622503122283 allow attackers to arbitrarily change other users' passwords via manipulation of the userName value...
PT-2025-33359 · Sourcecodester · Sourcecodester Cashier Queuing System
Name of the Vulnerable Software and Affected Versions: SourceCodester Cashier Queuing System version 1.0 Description: A SQL injection issue exists in SourceCodester Cashier Queuing System 1.0 due to the manipulation of the Username argument in the /Actions.php file. This allows for remote...
CVE-2012-10060 Sysax Multi Server < 5.55 SSH Username Buffer Overflow
Sysax Multi Server versions prior to 5.55 contain a stack-based buffer overflow in its SSH service. When a remote attacker supplies an overly long username during authentication, the server copies the input to a fixed-size stack buffer without proper bounds checking. This allows remote code...
Online Farm System register.php File SQL Injection Vulnerability
Online Farm System is an online farm system. Online Farm System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Username in the file /register.php. An attacker can exploit this vulnerability to execute...
CVE-2025-51045
Phpgurukul Pre-School Enrollment System 1.0 contains a SQL injection vulnerability in the /admin/password-recovery.php file. This vulnerability is attributed to the insufficient validation of user input for the username parameter...
PT-2025-30139 · Unknown · Church Donation System
Name of the Vulnerable Software and Affected Versions: Church Donation System version 1.0 Description: A vulnerability exists in Church Donation System 1.0. The issue is a SQL injection affecting an unknown functionality of the file /login.php. Manipulation of the Username argument can lead to...
CVE-2023-23015
Cross Site Scripting XSS vulnerability in Kalkun 0.8.0 via username input in file Usermodel.php...
CVE-2022-2579
A vulnerability, which was classified as problematic, was found in SourceCodester Garage Management System 1.0. Affected is an unknown function of the file /phpaction/createUser.php. The manipulation of the argument userName with the input lala leads to cross site scripting. It is possible to...
CVE-2020-21588
Buffer overflow in Core FTP LE v2.2 allows local attackers to cause a denial or service crash via a long string in the Setup-Users-Username editbox...
CVE-2015-5520
Cross-site scripting XSS vulnerability in the Users module in Orchard 1.7.3 through 1.8.2 and 1.9.x before 1.9.1 allows remote attackers to inject arbitrary web script or HTML via the username when creating a new user account, which is not properly handled when deleting an account...