Lucene search
K

13 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/26 7:7 p.m.3 views

CVE-2026-33152

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, Tandoor Recipes configures Django REST Framework with BasicAuthentication as one of the default authentication backends. The AllAuth rate limiting configuration...

9.1CVSS5.8AI score0.00513EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/02/11 12:0 a.m.11 views

CVE-2024-50618

CVE-2024-50618 affects CIPPlanner CIPAce prior to version 9.17. The authentication component relies on single-factor authentication, and when internal accounts login is enabled, an attacker could bypass protection and potentially obtain full authentication if the secret of the single-factor schem...

4.3CVSS5.6AI score0.00243EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.5 views

PT-2026-7655

Name of the Vulnerable Software and Affected Versions CIPPlanner CIPAce versions prior to 9.17 Description A weakness exists in the Authentication component of CIPPlanner CIPAce that allows attackers to bypass a security measure. Specifically, the system’s reliance on single-factor authentication...

4.3CVSS5.4AI score0.00243EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/02/09 7:23 p.m.5 views

CVE-2026-2171

A vulnerability was found in code-projects Online Student Management System 1.0. Affected is an unknown function of the file accounts.php of the component Login. Performing a manipulation of the argument username/password results in sql injection. The attack can be initiated remotely. The exploit...

9.8CVSS5.4AI score0.00391EPSS
Exploits0References1
NVD
NVD
added 2026/02/08 7:16 p.m.19 views

CVE-2026-2171

A vulnerability was found in code-projects Online Student Management System 1.0. Affected is an unknown function of the file accounts.php of the component Login. Performing a manipulation of the argument username/password results in sql injection. The attack can be initiated remotely. The exploit...

9.8CVSS0.00391EPSS
Exploits0References5
OSV
OSV
added 2026/02/08 7:16 p.m.3 views

CVE-2026-2171

A vulnerability was found in code-projects Online Student Management System 1.0. Affected is an unknown function of the file accounts.php of the component Login. Performing a manipulation of the argument username/password results in sql injection. The attack can be initiated remotely. The exploit...

9.8CVSS5.7AI score0.00391EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/02/08 6:2 p.m.9 views

CVE-2026-2171 code-projects Online Student Management System Login accounts.php sql injection

A vulnerability was found in code-projects Online Student Management System 1.0. Affected is an unknown function of the file accounts.php of the component Login. Performing a manipulation of the argument username/password results in sql injection. The attack can be initiated remotely. The exploit...

7.5CVSS5.4AI score0.00391EPSS
Exploits0References5
CVE
CVE
added 2026/02/08 6:2 p.m.13 views

CVE-2026-2171

CVE-2026-2171 affects code-projects Online Student Management System 1.0. The vulnerability is an SQL injection in the Login component (accounts.php) triggered by manipulating the username/password arguments. It can be exploited remotely and exploits have been made public. Remediation details are...

9.8CVSS7.1AI score0.00391EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-9812

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that...

9.3CVSS8.2AI score0.01302EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/12/09 7:15 a.m.3 views

CVE-2023-28874

The next parameter in the /accounts/login endpoint of Seafile 9.0.6 allows attackers to redirect users to arbitrary sites...

6.1CVSS6AI score0.00451EPSS
Exploits1References3
OSV
OSV
added 2023/12/09 12:0 a.m.15 views

CVE-2023-28874

The next parameter in the /accounts/login endpoint of Seafile 9.0.6 allows attackers to redirect users to arbitrary sites...

6.1CVSS7.1AI score0.00451EPSS
Exploits1References4
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.351 views

ManageEngine ADSelfService Plus 6.1 - User Enumeration

Exploit Title: ManageEngine ADSelfService Plus 6.1 - User Enumeration Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/self-service-password/download.html Version: ADSelfService 6.1 Build 6121 Tested Against:...

7.4AI score
Exploits0
OSV
OSV
added 2020/11/23 4:15 p.m.3 views

CVE-2020-1778

When OTRS uses multiple backends for user authentication with LDAP, agents are able to login even if the account is set to invalid. This issue affects OTRS; 8.0.9 and prior versions...

4.3CVSS5.8AI score0.00643EPSS
Exploits0References1
Rows per page
Query Builder