325 matches found
EUVD-2005-4204
Malware in sbrugna...
EUVD-2008-6505
Malware in sbrugna...
EUVD-2020-20627
Malware in sbrugna...
EUVD-2012-0013
Malware in sbrugna...
EUVD-2021-32527
Malicious code in bioql PyPI...
EUVD-2025-11133
Malicious code in bioql PyPI...
EUVD-2025-30232
Malicious code in bioql PyPI...
EUVD-2025-25512
Malicious code in bioql PyPI...
EUVD-2025-27774
Malicious code in bioql PyPI...
EUVD-2025-11100
Malicious code in bioql PyPI...
CVE-2025-5955 Service Finder SMS System <= 2.0.0 - Authentication Bypass
The Service Finder SMS System plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.0.0. This is due to the plugin not verifying a user's phone number before logging them in. This makes it possible for unauthenticated attackers to login as arbitrary...
CVE-2025-5955 Service Finder SMS System <= 2.0.0 - Authentication Bypass
The Service Finder SMS System plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.0.0. This is due to the plugin not verifying a user's phone number before logging them in. This makes it possible for unauthenticated attackers to login as arbitrary...
PT-2025-38510
Name of the Vulnerable Software and Affected Versions Service Finder SMS System plugin for WordPress versions prior to 2.1.0 Description The Service Finder SMS System plugin for WordPress does not verify a user's phone number before logging them in, leading to authentication bypass. This allows...
CVE-2025-30064
An insufficiently secured internal function allows session generation for arbitrary users. The decodeParam function checks the JWT but does not verify which signing algorithm was used. As a result, an attacker can use the "ex:action" parameter in the VerifyUserByThrustedService function to genera...
CVE-2025-9254
WebITR developed by Uniong has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to log into the system as arbitrary users by exploiting a specific functionality...
CVE-2025-9254
WebITR developed by Uniong has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to log into the system as arbitrary users by exploiting a specific functionality...
CVE-2025-9254 Uniong|WebITR - Missing Authentication
WebITR developed by Uniong has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to log into the system as arbitrary users by exploiting a specific functionality...
CVE-2025-9254
CVE-2025-9254 concerns WebITR by Uniong with a missing authentication vulnerability that allows unauthenticated remote attackers to log in as arbitrary users by exploiting a specific functionality. Multiple sources (Red Hat, NVD, CVE lists) describe an unauthenticated access/control issue; the ex...
BIT-MOODLE-2024-43438 Moodle: idor in feedback non-respondents report allows messaging arbitrary site users
A flaw was found in Feedback. Bulk messaging in the activity's non-respondents report did not verify message recipients belonging to the set of users returned by the report...
The vulnerability of VideoGrace video conferencing software, related to insufficient validation of input data, allows a hacker to send messages to arbitrary users.
The vulnerability of VideoGrace video conferencing software is related to insufficient verification of input data. Exploiting this vulnerability allows a malicious actor to send messages to arbitrary users remotely...