CVE-2025-10375

The WordPress plugin Web Accessibility by accessiBe (plugins: accessibe) is affected by CVE-2025-10375. A CSRF vulnerability exists in all versions up to 2.10 due to missing nonce validation on multiple AJAX actions (accessibe_signup, accessibe_login, accessibe_license_trial, accessibe_modify_con...

EUVD-2024-51249

Malicious code in bioql PyPI...

CVE-2024-12990

A vulnerability was found in ruifang-tech Rebuild 3.8.6. It has been classified as problematic. This affects an unknown part of the file /user/admin-verify of the component Admin Verification Page. The manipulation of the argument nexturl with the input http://localhost/evil.html leads to open...

CVE-2024-12990

A vulnerability was found in ruifang-tech Rebuild 3.8.6. It has been classified as problematic. This affects an unknown part of the file /user/admin-verify of the component Admin Verification Page. The manipulation of the argument nexturl with the input http://localhost/evil.html leads to open...

CVE-2024-12990 ruifang-tech Rebuild Admin Verification Page admin-verify redirect

A vulnerability was found in ruifang-tech Rebuild 3.8.6. It has been classified as problematic. This affects an unknown part of the file /user/admin-verify of the component Admin Verification Page. The manipulation of the argument nexturl with the input http://localhost/evil.html leads to open...

CVE-2024-12990

The CVE-2024-12990 entry concerns ruifang-tech Rebuild 3.8.6, specifically the Admin Verification Page file /user/admin-verify. The vulnerability arises from manipulating the nexturl parameter (e.g., http://localhost/evil.html), causing an open redirect. It can be exploited remotely and has been ...

CVE-2024-12990 ruifang-tech Rebuild Admin Verification Page admin-verify redirect

A vulnerability was found in ruifang-tech Rebuild 3.8.6. It has been classified as problematic. This affects an unknown part of the file /user/admin-verify of the component Admin Verification Page. The manipulation of the argument nexturl with the input http://localhost/evil.html leads to open...

PT-2024-17853 · Ruifang Tech · Ruifang-Tech Rebuild

Name of the Vulnerable Software and Affected Versions: ruifang-tech Rebuild version 3.8.6 Description: A vulnerability was found in the Admin Verification Page of the affected software, specifically in the file /user/admin-verify. The issue is related to the manipulation of the nexturl argument,...

Legal Robot: Clickjacking in Legalrobot app

Dear Team, POC Please find attached screenshots Steps to reproduce: create index.html file with following content: Open index.html in browser Actual result: Legalrobot email verification page is viewed in iframe. Remediation: Frame busting technique is the better framing protection technique...

How to configure SAML Authentication-Test Configuration

A test page is available to help test that SAML authentication is working and configured correctly. This page bypasses any Storefront components and only verifies the SAML authentication...

session spoofing and password theft probe-vulnerability warning-the black bar safety net

session spoofing article first briefly about the General asp system of the authentication principle. In General, the backend administrator login page enter the account password, the program will take him to submit a user name and password to the database administrator table to find if there is th...