EUVD-2007-4402

Malware in sbrugna...

EUVD-2008-1904

Malware in sbrugna...

CVE-2024-25628

Alf.io is a free and open source event attendance management system. In versions prior to 2.0-M4-2402 users can access the admin area even after being invalidated/deleted. This issue has been addressed in version 2.0-M4-2402. All users are advised to upgrade. There are no known workarounds for th...

CVE-2024-25628 Insufficient Session Expiration in alf.io

Alf.io is a free and open source event attendance management system. In versions prior to 2.0-M4-2402 users can access the admin area even after being invalidated/deleted. This issue has been addressed in version 2.0-M4-2402. All users are advised to upgrade. There are no known workarounds for th...

CVE-2022-24985

Forms generated by JQueryForm.com before 2022-02-05 allows a remote authenticated attacker to bypass authentication and access the administrative section of other forms hosted on the same web server. This is relevant only when an organization hosts more than one of these forms on their server...

Jevci Siparis Formu Scripti Database Disclosure

======================================================================================== | Title : Jevci Siparis Formu Scripti = Guestbook DB Vulnerability | Author : indoushka | email : [email protected] | Home : www.sec-war.com | Web Site : http://scripti.org/i/jevcisiparisformu.zip | Dork ...

Maian Recipe <= 1.2 Insecure Cookie Handling Vulnerability

Exploit for unknown platform in category web applications ========================================================== Maian Recipe = 1.2 Insecure Cookie Handling Vulnerability ========================================================== Discovered By: S.W.A.T. DORK: Powered by: Maian Recipe v1.2...

ActiveKB <= 1.5 Insecure Cookie Handling/Arbitrary Admin Access

Exploit for unknown platform in category web applications =============================================================== ActiveKB = 1.5 Insecure Cookie Handling/Arbitrary Admin Access ===============================================================...

Internet Photoshow (Special Edition) Insecure Cookie Handling Vuln

Exploit for unknown platform in category web applications ================================================================== Internet Photoshow Special Edition Insecure Cookie Handling Vuln ==================================================================...

Authentication flaw

Admin.php in Olate Download od 3.4.1 uses an MD5 hash of the admin username, user id, and group id, to compose the OD3AutoLogin authentication cookie, which makes it easier for remote attackers to guess the cookie and access the Admin area...

DCP-Portal &#40;PHP&#41;

Informations : °°°°°°°°°°°°°° Version : 5.0.1 Website : http://www.dcp-portal.org Problems : - Include file - Access to users' accounts - Access to the administration PHP Code/ Location : °°°°°°°°°°°°°°°°°°°° The first & second hole will work if registerglobals is ON. /library/editor/editor.php :...