5 matches found
CVE-2019-11187
Incorrect Access Control in the LDAP class of GONICUS GOsa through 2019-04-11 allows an attacker to log into any account with a username containing the case-insensitive substring "success" when an arbitrary password is provided...
EUVD-2007-0007
Malware in sbrugna...
EUVD-2022-46980
Malicious code in bioql PyPI...
CVE-2025-27416 Asking For Scratch Username And Password
Scratch-Coding-Hut.github.io is the website for Coding Hut. The website as of 28 February 2025 contained a sign in with scratch username and password form. Any user who used the sign in page would be susceptible to any other user signing into their account. As of time of publication, a fix is not...
Logic Flaw Vulnerability in Hsycms
Hsycms is a rapid site building system developed by TP5.0 framework. Hsycms suffers from a logic flaw vulnerability. An attacker can exploit the vulnerability to reset any user's password and log into any account...