49 matches found
CVE-2016-10834
cPanel before 55.9999.141 allows account-suspension bypass via ftp SEC-105...
CVE-2019-20491
cPanel before 82.0.18 allows attackers to leverage virtual mail accounts in order to bypass account suspensions SEC-508...
EUVD-2017-9597
Malware in sbrugna...
EUVD-2018-13421
Malware in sbrugna...
EUVD-2016-1828
Malware in sbrugna...
EUVD-2018-13418
Malware in sbrugna...
EUVD-2019-11035
Malware in sbrugna...
EUVD-2011-1409
Malware in sbrugna...
EUVD-2022-4977
Malicious code in bioql PyPI...
CVE-2018-20880
cPanel before 74.0.8 mishandles account suspension because of an invalid emailaccounts.json file SEC-445...
CVE-2018-20883
cPanel before 74.0.8 allows FTP access during account suspension SEC-449...
CVE-2018-20934
cPanel before 70.0.23 does not prevent e-mail account suspensions from being applied to unowned accounts SEC-411...
CVE-2017-18481
cPanel before 62.0.4 allows stored XSS in the WHM Account Suspension List interface SEC-211...
CVE-2024-30187
Summary: CVE-2024-30187 affects Anope prior to 2.0.15, where credentials for suspended accounts are not handled securely, enabling password resets to compromise login for suspended users. The issue is documented across multiple feeds (NVD, OSV, Ubuntu USN). What’s affected: Anope 2.0.14 and earli...
Authorization
Improper authorization vulnerability exists in the User Management /admin/users page of GROWI versions prior to v6.0.6. If this vulnerability is exploited, a user may delete or suspend its own account without the user's intention...
Google flags man as sex abuser after he sends photos of child to doctor
Mark noticed something was wrong with his son. His penis was hurting and appeared to be swollen. Since it was a Saturday during the pandemic, an emergency consultation was scheduled by video. So the doctor could assess the problem ahead of time, the parents were advised to send photos of their...
The vulnerability of the Tuleap lifecycle management system, which arises from the failure to take measures to neutralize special elements, allows a perpetrator to forcibly suspend an account or gain control over another account.
The vulnerability of the Tuleap application lifecycle management system exists due to the failure to take measures to neutralize specific elements. Exploiting this vulnerability can allow a malicious actor, operating remotely and with administrative privileges, to temporarily disable a user accou...
CVE-2021-41276
Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. In affected versions Tuleap does not sanitize properly the search filter built from the ldapid attribute of a user during the daily synchronization. A malicious user could force accounts to ...
CVE-2021-41276
Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. In affected versions Tuleap does not sanitize properly the search filter built from the ldapid attribute of a user during the daily synchronization. A malicious user could force accounts to ...
PT-2021-7108 · Unknown +1 · Tuleap Community Edition +3
Name of the Vulnerable Software and Affected Versions: Tuleap versions prior to 13.2.99.31 Community Edition Tuleap versions prior to 13.1-5 Enterprise Edition Tuleap versions prior to 13.2-3 Enterprise Edition Description: The issue arises from improper sanitization of the search filter built fr...