21 matches found
WeRSS Code Injection Vulnerability
WeRSS is a WeChat official account system developed by Rachel. WeRSS versions 1.4.8 and earlier have a code injection vulnerability. The vulnerability originates from a cross-site scripting issue in the fixhtml function in the Article Module component's file tools/fix.py...
EUVD-2025-12503
Malicious code in bioql PyPI...
CVE-2025-28128
An issue in Mytel Telecom Online Account System v1.0 allows attackers to bypass the OTP verification process via a crafted request...
CVE-2025-28128
CVE-2025-28128 affects Mytel Telecom Online Account System v1.0. A crafted request can bypass OTP verification, enabling authentication bypass as described in multiple sources (NVD/Red Hat/CNNVD). The concise impact is partial authentication bypass with high confidentiality impact and low integri...
PT-2025-17935 · Mytel Telecom · Mytel Telecom Online Account System
Name of the Vulnerable Software and Affected Versions: Mytel Telecom Online Account System version 1.0. Description: An issue in the system allows attackers to bypass the OTP verification process via a crafted request. Recommendations: For Mytel Telecom Online Account System version 1.0, consider...
Mytel Telecom Online Account System Security Vulnerability
Mytel Telecom Online Account System is a telecom online account system from Mytel Myanmar. A security vulnerability exists in Mytel Telecom Online Account System version 1.0, which originates from an OTP authentication bypass...
AZL-58569 CVE-2025-21846 affecting package kernel for versions less than 5.15.179.1-1
In the Linux kernel, the following vulnerability has been resolved: acct: perform last write from workqueue In [1] it was reported that the acct(2) system call can be used to trigger NULL deref in cases where it is set to write to a file that triggers an internal lookup. This can e.g., happen when...
supybot-fedora Security Vulnerability
supybot-fedora is an open source Limnoria supybot plugin for general Fedora community operations from Fedora Infrastructure. A security vulnerability exists in supybot-fedora that stems from the implementation of a command refresh that refreshes all users' caches from FAS, which takes a long time...
Nil dereference in NATS JWT, DoS of nats-server
Problem Description: The NATS account system has an Operator trusted by the servers, which signs Accounts, and each Account can then create and sign Users within their account. The Operator should be able to safely issue Accounts to other entities which it does not fully trust. A malicious Account...
TrendMicro SSO Redirect / Session Theft
Document Title: Trend Micro SSO - Backend SSO Redirect & Session Vulnerability | References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1694 | Trend Micro ID: 1-1-1035080936 | Release Date: 2016-03-31 | Vulnerability Laboratory ID (VL-ID):...
Grindr v2.1.1 iOS & Account System - Breach Attack Vulnerability
Document Title: Grindr v2.1.1 iOS & Account System - Breach Attack Vulnerability | References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1420 | Release Date: 2015-05-03 | Vulnerability Laboratory ID (VL-ID):...
Grindr 2.1.1 Breach Attack
Document Title: Grindr v2.1.1 iOS & Account System - Breach Attack Vulnerability | References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1420 | Release Date: 2015-05-03 | Vulnerability Laboratory ID (VL-ID):...
Grindr 2.2.1 Insufficient Validation
Document Title: Grindr v2.1.1 iOS - eMail Session Vulnerability | References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1426 | Release Date: 2015-05-04 | Vulnerability Laboratory ID (VL-ID): 1426 | Commo...
Grindr v2.1.1 iOS & Account System - Breach Attack
Document Title: Grindr v2.1.1 iOS & Account System - Breach Attack | References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1420 | Release Date: 2015-05-03 | Vulnerability Laboratory ID (VL-ID): 1420...
Avira License Application - Cross Site Request Forgery Vulnerability
Document Title: Avira License Application - Cross Site Request Forgery Vulnerability | References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1302 | Video: http://www.vulnerability-lab.com/getcontent.php?id=1301 | Release Date: 2014-08-2...
webERP <= 4.08.1 - Local/Remote File Inclusion Vulnerability
No description provided by source. Discovered by dun \ posdubatgmail.com 2012-06-27 webERP <= 4.08.1 Local/Remote File Inclusion Vulnerability Script: Accounting & Best...
Fedora 10 : python-fedora-0.3.9-1.fc10 (2009-1518)
This release includes a bugfix to the fedora.client.AccountSystem.verify_password method. verify_password was incorrectly returning True (username, password combination was correct) for any input. Although no known code is using this method to verify a user's account with the Fedora Account System, t...