Lucene search

15 matches found

RedhatCVE
added 2026/06/01 10:3 p.m. · 8 views

CVE-2026-45631

Dokploy is a free, self-hostable Platform as a Service (PaaS). From 0.27.0 to before 0.29.3, a hardcoded BETTER_AUTH_SECRET fallback "better-auth-secret-123456789" lets an unauthenticated attacker forge email verification JWTs, trigger auto-sign-in as admin, and execute commands on the host via the...

10 CVSS · 5.9 AI score · 0.00087 EPSS
Exploits 0 · References 1

EUVD
added 2026/05/29 4:13 p.m. · 9 views

EUVD-2026-33355

Dokploy is a free, self-hostable Platform as a Service (PaaS). From 0.27.0 to before 0.29.3, a hardcoded BETTER_AUTH_SECRET fallback "better-auth-secret-123456789" lets an unauthenticated attacker forge email verification JWTs, trigger auto-sign-in as admin, and execute commands on the host via the...

10 CVSS · 5.9 AI score · 0.00087 EPSS
Exploits 0 · References 2

Positive Technologies
added 2026/05/29 12:0 a.m. · 9 views

PT-2026-44935

Name of the Vulnerable Software and Affected Versions: Dokploy versions 0.27.0 through 0.29.2 Description: A hardcoded fallback for the BETTER_AUTH_SECRET variable allows an unauthenticated attacker to forge email verification JSON Web Tokens (JWTs), which are compact and self-contained ways for...

10 CVSS · 5.9 AI score · 0.00087 EPSS
Exploits 0 · References 4

Vulnrichment
added 2026/05/20 5:28 a.m. · 8 views

CVE-2026-44392

Missing authorization vulnerability exists in Movable Type. Under certain conditions, when a user without administrator privileges signs in to the product, unintended update processing may be executed...

5.3 CVSS · 5.8 AI score · 0.0003 EPSS
Exploits 0 · References 3

RedhatCVE
added 2026/01/09 8:54 a.m. · 1 views

CVE-2021-41126

October is a Content Management System (CMS) and web platform built on the Laravel PHP Framework. In affected versions administrator accounts which had previously been deleted may still be able to sign in to the backend using October CMS v2.0. The issue has been patched in v2.1.12 of the...

7.2 CVSS · 6.9 AI score · 0.00485 EPSS
Exploits 0 · References 1

RedhatCVE
added 2025/05/23 4:17 a.m. · 11 views

CVE-2023-41615

Zoo Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities in the Admin sign-in page via the username and password fields...

9.8 CVSS · 8.6 AI score · 0.00148 EPSS
Exploits 1 · References 1

CNVD
added 2023/09/12 12:0 a.m. · 18 views

Zoo Management System SQL Injection Vulnerability (CNVD-2023-72245)

Zoo Management System is a zoo management system. It provides an online and automated platform for zoo organizations to manage their daily records. Zoo Management System v1.0 suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements on th...

7.5 CVSS · 8.3 AI score · 0.00148 EPSS
Exploits 1 · Affected Software 1

NVD
added 2023/09/08 3:15 a.m. · 9 views

CVE-2023-41615

Zoo Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities in the Admin sign-in page via the username and password fields...

9.8 CVSS · 10 AI score · 0.00148 EPSS
Exploits 1 · References 3

ATTACKERKB
added 2023/09/08 3:15 a.m. · 2 views

CVE-2023-41615

Zoo Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities in the Admin sign-in page via the username and password fields...

9.8 CVSS · 5.9 AI score · 0.00148 EPSS
Exploits 1 · References 5

OSV
added 2023/09/08 3:15 a.m. · 2 views

CVE-2023-41615

Zoo Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities in the Admin sign-in page via the username and password fields...

9.8 CVSS · 5.8 AI score · 0.00148 EPSS
Exploits 1 · References 3

Prion
added 2023/09/08 3:15 a.m. · 16 views

SQL injection

Zoo Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities in the Admin sign-in page via the username and password fields...

7.5 CVSS · 10 AI score · 0.00148 EPSS
Exploits 1 · References 3 · Affected Software 1

CVE
added 2023/09/08 12:0 a.m. · 56 views

CVE-2023-41615

CVE-2023-41615 affects Zoo Management System v1.0, with multiple SQL injection vulnerabilities in the Admin sign‑in page via the username and password fields. The root cause is insufficient input validation on the sign‑in form, enabling arbitrary SQL execution and potential data theft. While seve...

9.8 CVSS · 10 AI score · 0.00148 EPSS
Exploits 1 · References 3 · Affected Software 1

CNNVD
added 2023/09/08 12:0 a.m. · 4 views

Zoo Management System SQL Injection Vulnerability

Zoo Management System is a zoo management system. It provides an online and automated platform for zoo organizations to manage their daily records. Zoo Management System v1.0 suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements on th...

9.8 CVSS · 8.2 AI score · 0.00148 EPSS
Exploits 1 · References 4

Cvelist
added 2023/09/08 12:0 a.m. · 20 views

CVE-2023-41615

Zoo Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities in the Admin sign-in page via the username and password fields...

10 AI score · 0.00148 EPSS
Exploits 1 · References 3

Positive Technologies
added 2023/09/07 12:0 a.m. · 6 views

PT-2023-28000 · Unknown · Zoo Management System

Name of the Vulnerable Software and Affected Versions: Zoo Management System version 1.0 Description: The issue is related to multiple SQL injection vulnerabilities found in the Admin sign-in page of the Zoo Management System. These vulnerabilities can be exploited via the username and password...

9.8 CVSS · 9.8 AI score · 0.00148 EPSS
Exploits 1 · References 8