9 matches found
EUVD-2019-2103
Malware in sbrugna...
EUVD-2005-0319
Malware in sbrugna...
EUVD-2023-40115
Malicious code in bioql PyPI...
CVE-2022-24341
In JetBrains TeamCity before 2021.2.1, editing a user account to change its password didn't terminate sessions of the edited user...
CVE-2019-10041
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dirlogin.asp and use an API URL /goform/form2userconfig.cgi to edit the system account without authentication...
CVE-2019-10039
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dirlogin.asp and use an API URL /goform/setSysAdm to edit the web or system account without authentication...
CVE-2023-36136
PHPJabbers Class Scheduling System 1.0 lacks encryption on the password when editing a user account update user page allowing an attacker to capture all user names and passwords in clear text...
CVE-2016-3722
Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with multiple accounts to cause a denial of service unable to login by editing the "full name."...
CVE-2005-0318
usereditaccount.wdm in Alt-N WebAdmin 3.0.4 does not properly validate account edits by the logged in user, which allows remote authenticated users to edit other users' account information via a modified user parameter...