CVE-2026-10731

SQL injection in the ‘twostepsauthcode’ parameter processed by the ‘twoStepsAuthVerification’ function within the ‘/user-login’ endpoint. The two-factor authentication 2FA functionality can be accessed without prior authentication, allowing unauthenticated attackers to execute arbitrary SQL queri...

Nemon Trade Energy和Nemon Trade Energy CRM SQL注入漏洞

Nemon Trade Energy and Nemon Trade Energy CRM are both products of the Spanish company Nemon. Nemon Trade Energy is a platform for managing energy retail businesses. Nemon Trade Energy CRM is a platform for managing energy customer relationships. Both Nemon Trade Energy and Nemon Trade Energy CRM...

EUVD-2026-23519

xrdp is an open source RDP server. Versions through 0.10.5 have a heap-based buffer overflow in the EGFX graphics dynamic virtual channel implementation due to insufficient validation of client-controlled size parameters, allowing an out-of-bounds write via crafted PDUs. Pre-authentication...

CVE-2025-70231

D-Link DIR-513 version 1.10 contains a critical-level vulnerability. When processing POST requests related to verification codes in /goform/formLogin, it enters /goform/getAuthCode but fails to filter the value of the FILECODE parameter, resulting in a path traversal vulnerability...

CVE-2025-70231

D-Link DIR-513 version 1.10 contains a critical-level vulnerability. When processing POST requests related to verification codes in /goform/formLogin, it enters /goform/getAuthCode but fails to filter the value of the FILECODE parameter, resulting in a path traversal vulnerability...

PT-2026-23471

Name of the Vulnerable Software and Affected Versions D-Link DIR-513 version 1.10 Description The D-Link DIR-513 version 1.10 device has a flaw where it doesn't properly check the FILECODE parameter when handling POST requests to the /goform/formLogin endpoint. This allows for a path traversal...

CVE-2025-70222

CVE-2025-70222 affects D-Link DIR-513 v1.10. A stack buffer overflow is triggered via the curTime parameter in the /goform/formLogin and /goform/getAuthCode endpoints. The vulnerability is characterized as a network-accessible issue with high impact to confidentiality, integrity, and availability...

CVE-2025-68948

SiYuan is self-hosted, open source personal knowledge management software. In versions 3.5.1 and prior, the SiYuan Note application utilizes a hardcoded cryptographic secret for its session store. This unsafe practice renders the session encryption ineffective. Since the sensitive AccessAuthCode ...

CVE-2025-68948 SiYuan: Information Disclosure and Authentication Bypass via Hardcoded Session Secret

SiYuan is self-hosted, open source personal knowledge management software. In versions 3.5.1 and prior, the SiYuan Note application utilizes a hardcoded cryptographic secret for its session store. This unsafe practice renders the session encryption ineffective. Since the sensitive AccessAuthCode ...

EUVD-2020-27967

Malware in sbrugna...

PT-2025-34875 · Totolink · Totolink T10

Name of the Vulnerable Software and Affected Versions: TOTOLINK T10 version 4.1.8cu.5241 B20210927 Description: A vulnerability exists in TOTOLINK T10 version 4.1.8cu.5241 B20210927 related to improper authentication. The issue is located in the /formLoginAuth.htm file and involves the manipulati...

The vulnerability of the getAuthCode() function in D-Link DIR-605L router microprogramming software allows a hacker to execute any code with root privileges.

The vulnerability of the getAuthCode function in D-Link DIR-605L router microprogramming software is related to buffer overflows in the CAPTCHA processing stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands with root privileges...

CVE-2025-7382

A command injection vulnerability in WebAdmin of Sophos Firewall versions older than 21.0 MR2 21.0.2 can lead to adjacent attackers achieving pre-auth code execution on High Availability HA auxiliary devices, if OTP authentication for the admin user is enabled...

CVE-2025-7382

A command injection vulnerability in WebAdmin of Sophos Firewall versions older than 21.0 MR2 21.0.2 can lead to adjacent attackers achieving pre-auth code execution on High Availability HA auxiliary devices, if OTP authentication for the admin user is enabled...

CVE-2025-7382

Summary (CVE-2025-7382) : A command-injection vulnerability exists in the WebAdmin component of Sophos Firewall versions older than 21.0 MR2 (21.0.2). If OTP authentication for the admin user is enabled, adjacent attackers can achieve pre-auth code execution on High Availability (HA) auxiliary de...

PT-2024-9755

Name of the Vulnerable Software and Affected Versions Sophos Firewall versions prior to 21.0 MR1 21.0.1 Description A post-auth code injection vulnerability in the User Portal allows authenticated users to execute code remotely. The issue is related to incorrect code generation management. This...

PT-2023-31620 · Unknown · Yii2-Authclient

Name of the Vulnerable Software and Affected Versions: yii2-authclient versions prior to 2.2.15 Description: The Oauth2 PKCE implementation in yii2-authclient is vulnerable in two ways. First, the authCodeVerifier should be removed after usage, similar to authState. Second, there is a risk for a...

CVE-2022-3696

The CVE-2022-3696 entry describes a post-auth code-injection vulnerability in Sophos Firewall Webadmin, affecting releases prior to 19.5 GA. The issue allows an administrator to execute code via the Webadmin interface with high impact (code execution, confidentiality/ integrity/ availability impa...

CVE-2022-25825

Improper access control vulnerability in Samsung Account prior to version 13.1.0.1 allows attackers to access to the authcode for sign-in...

Privilege Escalation

firefox is vulnerable to privilege escalation. A malicious extension is able to call browser.identity.launchWebAuthFlow and control the redirecturi. Subsequently, the Auth code can be retrieved and access to user's account is obtained...