CVE-2020-36969

Removed by vendor...

CVE-2020-36968

CVE-2020-36968 affects M/Monit 3.7.4. An authentication vulnerability allows authenticated attackers to retrieve user password hashes by calling administrative API endpoints /api/1/admin/users/list and /api/1/admin/users/get, extracting MD5 hashes for all users. Multiple connected sources (Debian...

CVE-2020-36968

Removed by vendor...

Tildeslash M/Monit Security Vulnerability

Tildeslash M/Monit is a server monitoring and management tool developed by Tildeslash Inc. Version 3.7.4 of Tildeslash M/Monit contains a security vulnerability. This vulnerability stems from an authentication flaw in the management API endpoints, which could lead to the retrieval of user passwor...

EUVD-2021-1270

Malware in sbrugna...

EUVD-2008-5786

Malware in sbrugna...

EUVD-2021-0003

Malware in sbrugna...

EUVD-2024-28455

Malicious code in bioql PyPI...

CVE-2025-58993

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themeum Tutor LMS tutor allows SQL Injection.This issue affects Tutor LMS: from n/a through = 3.7.4...

CVE-2025-58993 WordPress Tutor LMS Plugin <= 3.7.4 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themeum Tutor LMS tutor allows SQL Injection.This issue affects Tutor LMS: from n/a through = 3.7.4...

PT-2025-36812

Name of the Vulnerable Software and Affected Versions: Themeum Tutor LMS versions through 3.7.4 Description: Themeum Tutor LMS is susceptible to a SQL injection flaw due to improper neutralization of special elements within SQL commands. This allows for potential SQL injection attacks...

CVE-2025-28967

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Steve Truman Contact Us page - Contact people LITE contact-us-page-contact-people allows SQL Injection.This issue affects Contact Us page - Contact people LITE: from n/a through = 3.7.4...

CVE-2025-28967

CVE-2025-28967 concerns the WordPress plugin Contact Us page – Contact People Lite, affected up to version 3.7.4. The issue is an SQL Injection caused by improper neutralization of input elements in SQL commands. Wordfence data shows a CVSS v3.1 base score of 8.5 (HIGH) with NETWORK attack vector...

CVE-2025-28967 WordPress Contact Us page - Contact people LITE plugin <= 3.7.4 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Steve Truman Contact Us page - Contact people LITE contact-us-page-contact-people allows SQL Injection.This issue affects Contact Us page - Contact people LITE: from n/a through = 3.7.4...

WordPress plugin Contact Us page - Contact people LITE SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin Contact Us page - Contact...

CVE-2024-30535

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WhiteStudio Easy Form Builder.This issue affects Easy Form Builder: from n/a through 3.7.4...

CVE-2024-11716

While assignment of a user to a team bracket in CTFd should be possible only once, at the registration, a flaw in logic implementation allows an authenticated user to reset it's bracket and then pick a new one, joining another team while a competition is already ongoing. This issue impacts releas...

CVE-2024-22385 File and Directory Permission Vulnerability in Hitachi Storage Provider for VMware vCenter

Incorrect Default Permissions vulnerability in Hitachi Storage Provider for VMware vCenter allows local users to read and write specific files.This issue affects Hitachi Storage Provider for VMware vCenter: from 3.1.0 before 3.7.4...

aiohttp < 3.7.4 Open Redirect Vulnerability - Windows

aiohttp is prone to an open redirect vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:aio-libsproject:aiohttp";...

CVE-2024-30535

CVE-2024-30535 is an SQL Injection vulnerability in WordPress plugin Easy Form Builder (White Studio Easy Form Builder). Affected versions: Easy Form Builder from n/a through 3.7.4. Root cause: Improper Neutralization of Special Elements used in SQL Command. Impact as per CVSS: high (score 8.5) w...