Lucene search
K

14 matches found

OSV
OSV
added 2026/03/24 2:59 p.m.3 views

CVE-2026-33316 Vikunja’s Improper Access Control Enables Bypass of Administrator-Imposed Account Disablement

Vikunja is an open-source self-hosted task management platform. Prior to version 2.2.0, a flaw in Vikunja’s password reset logic allows disabled users to regain access to their accounts. The ResetPassword function sets the user’s status to StatusActive after a successful password reset without...

8.1CVSS6.3AI score0.00363EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2004-1840

Malware in sbrugna...

7.5CVSS6.4AI score0.02916EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2008-4900

Malware in sbrugna...

7.5CVSS6.4AI score0.02569EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2005-1561

Malware in sbrugna...

7.5CVSS6.4AI score0.01837EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/07/05 12:0 a.m.13 views

CVE-2025-47227

In the Production Environment extension in Netmake ScriptCase through 9.12.006 23, the Administrator password reset mechanism is mishandled. Making both a GET and a POST request to login.php.is sufficient. An unauthenticated attacker can then bypass authentication via administrator account takeov...

7.5CVSS0.01955EPSS
Exploits5References3
RedhatCVE
RedhatCVE
added 2025/05/22 10:18 a.m.8 views

CVE-2019-6635

On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.1-11.5.8, when the BIG-IP system is licensed for Appliance mode, a user with either the Administrator or the Resource Administrator role can bypass Appliance mode restrictions...

4.4CVSS7AI score0.00379EPSS
Exploits0References1
EUVD
EUVD
added 2024/10/11 2:32 a.m.6 views

EUVD-2024-50144

The Pedalo Connector plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.0.5. This is due to insufficient restriction on the 'loginadminuser' function. This makes it possible for unauthenticated attackers to log to the first user, who is usually the...

9.8CVSS6.6AI score0.00905EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/06/29 12:0 a.m.7 views

The vulnerability of the Citrix Application Delivery Management (ADM) platform’s management service, related to access control deficiencies, allows a hacker to bypass the administrator password and increase their privileges.

The vulnerability of the Citrix Application Delivery Management ADM delivery management platform is related to lack of access control mechanisms. Exploiting this vulnerability could allow a malicious actor to bypass the administrator’s password and gain increased privileges...

8.1CVSS7.6AI score0.12325EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2017/04/26 12:0 a.m.1 views

Western Digital My Cloud Authentication Vulnerability

Western Digital MyCloud is a personal cloud storage device. An authentication vulnerability exists in Western Digital MyCloud. An unauthenticated attacker could be allowed to exploit this vulnerability to bypass administrator authentication and gain control of device privileges...

7.3AI score
Exploits0References1
Exploit DB
Exploit DB
added 2008/05/03 12:0 a.m.33 views

phpDirectorySource 1.1 - Multiple SQL Injections

|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ \ \ / | | //\ \ /' \ /\ //\ Kings of injection | | // | | | |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| Title :: SQL Injection...

7.4AI score
Exploits0
0day.today
0day.today
added 2008/05/03 12:0 a.m.19 views

phpDirectorySource 1.1 Multiple Remote SQL Injection Vulnerabilities

Exploit for unknown platform in category web applications ==================================================================== phpDirectorySource 1.1 Multiple Remote SQL Injection Vulnerabilities ====================================================================...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2007/07/31 12:0 a.m.50 views

wolioCMS SQL Injection

wolioCMS - SQL Injection and Bypass Administrator Login Vendor : http://www.buton.web.id/member.php?member=anon Download : http://www.buton.web.id/download/woliocms.zip Found By : k1tk4t - k1tk4t4tnewhack.org Location : Indonesia -- newhackdotorg @irc.dal.net Exploit ini berhasil jika...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2007/07/30 12:0 a.m.21 views

wolioCMS - Authentication Bypass SQL Injection

wolioCMS - Authentication Bypass SQL Injection wolioCMS - SQL Injection and Bypass Administrator Login Vendor : http://www.buton.web.id/member.php?member=anon Download : http://www.buton.web.id/download/woliocms.zip Found By : k1tk4t - k1tk4t4tnewhack.org Location : Indonesia -- newhackdotorg...

1AI score
Exploits0
securityvulns
securityvulns
added 2005/02/05 12:0 a.m.43 views

[SA14124] Mambo Global Variables Security Bypass Vulnerability

TITLE: Mambo Global Variables Security Bypass Vulnerability SECUNIA ADVISORY ID: SA14124 VERIFY ADVISORY: http://secunia.com/advisories/14124/ CRITICAL: Moderately critical IMPACT: Security Bypass WHERE: From remote SOFTWARE: Mambo 4.x http://secunia.com/product/872/ DESCRIPTION: A vulnerability...

0.6AI score
Exploits0
Rows per page
Query Builder