CVE-2018-25167 Net-Billetterie 2.9 SQL Injection via login.inc.php

Net-Billetterie 2.9 contains an SQL injection vulnerability in the login parameter of login.inc.php that allows unauthenticated attackers to execute arbitrary SQL queries. Attackers can submit malicious SQL code through the login POST parameter to extract database information including usernames,...

CVE-2025-25613

FS Inc S3150-8T2F 8-Port Gigabit Ethernet L2+ Switch, 8 x Gigabit RJ45, with 2 x 1Gb SFP, Fanless. All versions before 2.2.0D Build 135103 were discovered to transmit cookies for their web based administrative application containing usernames and passwords. These were transmitted in cleartext usi...

EUVD-2025-198337

FS Inc S3150-8T2F 8-Port Gigabit Ethernet L2+ Switch, 8 x Gigabit RJ45, with 2 x 1Gb SFP, Fanless. All versions before 2.2.0D Build 135103 were discovered to transmit cookies for their web based administrative application containing usernames and passwords. These were transmitted in cleartext usi...

CVE-2021-4471

TG8 Firewall exposes a /data/ directory over HTTP without authentication, storing credential files for previously logged-in users. This enables a remote unauthenticated attacker to enumerate and download files to obtain usernames and passwords, leading to loss of confidentiality and potential una...

EUVD-2004-1688

Malware in sbrugna...

EUVD-2006-4583

Malware in sbrugna...

EUVD-2022-41052

Malicious code in bioql PyPI...

EUVD-2022-52198

Malicious code in bioql PyPI...

PT-2025-38490

Name of the Vulnerable Software and Affected Versions Cognex In-Sight Explorer and In-Sight Camera Firmware affected versions not specified Description The software exposes a proprietary protocol on TCP port 1069 for management operations, including modifying system properties. The user managemen...

PT-2025-38491

Name of the Vulnerable Software and Affected Versions Cognex In-Sight Explorer and In-Sight Camera Firmware affected versions not specified Description The software exposes a proprietary protocol on TCP port 1069 for management operations, including modifying system properties. The user managemen...

CVE-2014-9702

system/classes/DbPDO.php in Cmfive through 2015-03-15, when database connectivity malfunctions, allows remote attackers to obtain sensitive information username and password via any request, such as a password reset request...

CVE-2025-2228 Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates <= 1.6.8 - Authenticated (Contributor+) Sensitive Information Exposure

The Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.8 the 'registeruser' function. This makes it possible for authenticated attackers, with...

XOne Web Monitor 安全漏洞

XOne Web Monitor is a monitoring dashboard from XOne. A security vulnerability exists in XOne Web Monitor version v02.10.2024.530, which stems from the presence of a SQL injection vulnerability that allows an attacker to steal all usernames and passwords via specially crafted input...

SUSE CVE-2009-2797

The WebKit component in Safari in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not remove usernames and passwords from URLs sent in Referer headers, which allows remote attackers to obtain sensitive information by reading Referer logs on a web server...

WAVLINK WN530HG4 安全漏洞

The WAVLINK WN530HG4 is a wireless router from the Chinese company WAVLINK. A security vulnerability exists in the WAVLINK WN530HG4 M30HG4.V5030.191116 version, which stems from a vulnerability that allows an attacker to view usernames and passwords...

CVE-2019-19822

A certain router administration interface that includes Realtek APMIB 0.11f for Boa 0.94.14rc21 allows remote attackers to retrieve the configuration, including sensitive data usernames and passwords. This affects TOTOLINK A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R...

CVE-2019-14927

An issue was discovered on Mitsubishi Electric Europe B.V. ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. An unauthenticated remote configuration download vulnerability allows an attacker to download the smartRTU's configuration file which contains data such as usernames,...

Hacker Ordered to Pay Back Nearly £1 Million to Phishing Victims

A prolific hacker who carried out phishing scams against hundreds of companies worldwide has been ordered to pay back more than $1.1 million over £922,000 worth of cryptocurrencies to his victims. Grant West , a 27-year-old resident of Kent, England, targeted several well-known companies around t...

SurfControl SuperScout Email Filter 3.5 User Credential Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5929/info SurfControl SuperScout Email Filter comes with a web-based interface to provide remote access to administrative facilities. One of the files userlist.asp that comes with the web interface contains a listing of...

Swiss Firm Digs Up 300,000+ Usernames/Passwords on Pastebin

More than 300,000 credentials, usernames and passwords, were posted on the clipboard website Pastebin.com in the year 2013 alone according to a recent analysis by a Swiss security firm. As part of an experiment to determine how big the hacking industry is, High-Tech Bridge, a company until now...