
6612 matches found

Packet Storm
added 2023/01/09 12:0 a.m. · 193 views

Eatself 1.1.5 SQL Injection

Title: Eatself v1.1.5 Auth By Pass Vulnerability | Author: indoushka | Tested on: windows 10 Français V.Pro / browser: Mozilla firefox 69.032-bit | Vend...

AI score 7.4
Exploits: 0

Positive Technologies
added 2023/01/08 12:0 a.m. · 6 views

PT-2023-9861 · Unknown · Web-Cyradm

Name of the Vulnerable Software and Affected Versions: web-cyradm affected versions not specified Description: A critical issue has been found in web-cyradm, affecting some unknown functionality of the file auth.inc.php. The manipulation of the argument login/login password/LANG leads to sql...

CVSS 9.8 · AI score 7.8 · EPSS 0.0074
Exploits: 0 · References: 6

NVD
added 2023/01/07 8:15 p.m. · 21 views

CVE-2014-125065

A vulnerability, which was classified as critical, was found in john5223 bottle-auth. Affected is an unknown function. The manipulation leads to sql injection. The name of the patch is 99cfbcc0c1429096e3479744223ffb4fda276875. It is recommended to apply a patch to fix this issue. The identifier o...

CVSS 9.8 · AI score 7 · EPSS 0.00672
Exploits: 0 · References: 3

Prion
added 2023/01/07 8:15 p.m. · 15 views

Sql injection

A vulnerability, which was classified as critical, was found in john5223 bottle-auth. Affected is an unknown function. The manipulation leads to sql injection. The name of the patch is 99cfbcc0c1429096e3479744223ffb4fda276875. It is recommended to apply a patch to fix this issue. The identifier o...

CVSS 5.2 · AI score 7.9 · EPSS 0.00672
Exploits: 0 · References: 3 · Affected Software: 1

Cvelist
added 2023/01/07 7:39 p.m. · 25 views

CVE-2014-125065 john5223 bottle-auth sql injection

A vulnerability, which was classified as critical, was found in john5223 bottle-auth. Affected is an unknown function. The manipulation leads to sql injection. The name of the patch is 99cfbcc0c1429096e3479744223ffb4fda276875. It is recommended to apply a patch to fix this issue. The identifier o...

CVSS 5.5 · AI score 9.9 · EPSS 0.00672
Exploits: 0 · References: 3

Vulnrichment
added 2023/01/07 7:39 p.m. · 11 views

CVE-2014-125065 john5223 bottle-auth sql injection

A vulnerability, which was classified as critical, was found in john5223 bottle-auth. Affected is an unknown function. The manipulation leads to sql injection. The name of the patch is 99cfbcc0c1429096e3479744223ffb4fda276875. It is recommended to apply a patch to fix this issue. The identifier o...

CVSS 5.5 · AI score 7.5 · EPSS 0.00672
Exploits: 0 · References: 3

CVE
added 2023/01/07 7:39 p.m. · 61 views

CVE-2014-125065

Affected software: john5223 bottle-auth. Vulnerability: SQL injection caused by manipulation of an unknown function. This CVE (CVE-2014-125065) is documented with critical impact; multiple sources confirm the issue and reference a patch named 99cfbcc0c1429096e3479744223ffb4fda276875. Impact: High...

CVSS 9.8 · AI score 7 · EPSS 0.00672
Exploits: 0 · References: 3 · Affected Software: 1

NVD
added 2023/01/07 5:15 p.m. · 23 views

CVE-2015-10027

A vulnerability, which was classified as problematic, has been found in hydrian TTRSS-Auth-LDAP. Affected by this issue is some unknown functionality of the component Username Handler. The manipulation leads to ldap injection. Upgrading to version 2.0b1 is able to address this issue. The patch is...

CVSS 9.8 · AI score 6.9 · EPSS 0.00849
Exploits: 0 · References: 5

Prion
added 2023/01/07 5:15 p.m. · 17 views

Information disclosure

A vulnerability, which was classified as problematic, has been found in hydrian TTRSS-Auth-LDAP. Affected by this issue is some unknown functionality of the component Username Handler. The manipulation leads to ldap injection. Upgrading to version 2.0b1 is able to address this issue. The patch is...

CVSS 7.5 · AI score 7.8 · EPSS 0.00849
Exploits: 0 · References: 5 · Affected Software: 1

Cvelist
added 2023/01/07 4:42 p.m. · 30 views

CVE-2015-10027 hydrian TTRSS-Auth-LDAP Username ldap injection

A vulnerability, which was classified as problematic, has been found in hydrian TTRSS-Auth-LDAP. Affected by this issue is some unknown functionality of the component Username Handler. The manipulation leads to ldap injection. Upgrading to version 2.0b1 is able to address this issue. The patch is...

CVSS 5.5 · AI score 9.8 · EPSS 0.00849
Exploits: 0 · References: 5

Vulnrichment
added 2023/01/07 4:42 p.m. · 13 views

CVE-2015-10027 hydrian TTRSS-Auth-LDAP Username ldap injection

A vulnerability, which was classified as problematic, has been found in hydrian TTRSS-Auth-LDAP. Affected by this issue is some unknown functionality of the component Username Handler. The manipulation leads to ldap injection. Upgrading to version 2.0b1 is able to address this issue. The patch is...

CVSS 5.5 · AI score 7.5 · EPSS 0.00849
Exploits: 0 · References: 5

CVE
added 2023/01/07 4:42 p.m. · 51 views

CVE-2015-10027

CVE-2015-10027 affects hydrian TTRSS-Auth-LDAP's Username Handler, with LDAP injection in unknown functionality prior to 2.0b1. Upgrading to version 2.0b1 addresses the issue; the patch is identified as a7f7a5a82d9202a5c40d606a5c519ba61b224eb8 (VDB-217622). Multiple connected sources corroborate ...

CVSS 9.8 · AI score 6.9 · EPSS 0.00849
Exploits: 0 · References: 5 · Affected Software: 1

Kitploit
added 2023/01/07 11:30 a.m. · 40 views

REST-Attacker - Designed As A Proof-Of-Concept For The Feasibility Of Testing Generic Real-World REST Implementations

REST-Attacker is an automated penetration testing framework for APIs following the REST architecture style. The tool's focus is on streamlining the analysis of generic REST API implementations by completely automating the testing process - including test generation, access control handling, and...

AI score 7.5
Exploits: 0 · References: 8

CNNVD
added 2023/01/07 12:0 a.m. · 1 views

bottle-auth SQL injection vulnerability

bottle-auth is an application by the individual developer John C. A SQL injection vulnerability exists in bottle-auth. An attacker could exploit this vulnerability to perform a SQL injection attack...

CVSS 9.8 · AI score 6.8 · EPSS 0.00672
Exploits: 0 · References: 4

CNNVD
added 2023/01/07 12:0 a.m. · 4 views

TTRSS-Auth-LDAP injection vulnerability

TTRSS-Auth-LDAP is a GitHub repository for the authldap plugin for Tiny Tiny RSS from the individual developer Ben Tyger. An injection vulnerability exists in TTRSS-Auth-LDAP. An attacker could exploit this vulnerability to cause LDAP injection...

CVSS 9.8 · AI score 6.5 · EPSS 0.00849
Exploits: 0 · References: 6

OSV
added 2022/12/30 9:15 p.m. · 3 views

CVE-2022-46582

TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the loginname parameter in the dographauth sub4061E0 function...

CVSS 9.8 · AI score 5.8 · EPSS 0.00873
Exploits: 1 · References: 1

CNNVD
added 2022/12/30 12:0 a.m. · 4 views

TRENDnet TEW-755AP buffer error vulnerability

The TRENDnet TEW-755AP is a router from TRENDnet. The TRENDnet TEW-755AP suffers from a stack overflow vulnerability that stems from a lack of size checking of input data in the loginname parameter of the dographauth sub4061E0 function, which can be exploited by an attacker to execute arbitrary...

CVSS 9.8 · AI score 7.9 · EPSS 0.00873
Exploits: 1 · References: 2

Positive Technologies
added 2022/12/23 12:0 a.m. · 7 views

PT-2022-27632 · Ip Com · Ip-Com M50

Name of the Vulnerable Software and Affected Versions: IP-COM M50 version 15.11.0.3310768 Description: A buffer overflow issue was discovered via the gotoUrl parameter in the formPortalAuth function. Recommendations: For IP-COM M50 version 15.11.0.3310768, as a temporary workaround, consider...

CVSS 9.8 · AI score 9.6 · EPSS 0.01056
Exploits: 0 · References: 5

GithubExploit
added 2022/12/22 9:35 a.m. · 387 views

Exploit for Deserialization of Untrusted Data in Microsoft

CVE-2022-41082-POC PoC for the CVE-2022-41082 NotProxyShell OW...

CVSS 9.8 · AI score 8.7 · EPSS 0.99964
Exploits: 11

OSSF Malicious Packages
added 2022/12/19 1:57 a.m. · 2 views

Malicious code in eg-auth-ui-localization (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 437e53aa9aa9cbd8bae160de3b5b28fa886c8552f617e61fbe93c938c4e2029c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits: 0 · References: 1