14 matches found
CVE-2026-33316 Vikunja’s Improper Access Control Enables Bypass of Administrator-Imposed Account Disablement
Vikunja is an open-source self-hosted task management platform. Prior to version 2.2.0, a flaw in Vikunja’s password reset logic allows disabled users to regain access to their accounts. The ResetPassword function sets the user’s status to StatusActive after a successful password reset without...
EUVD-2004-1840
Malware in sbrugna...
EUVD-2008-4900
Malware in sbrugna...
EUVD-2005-1561
Malware in sbrugna...
CVE-2025-47227
In the Production Environment extension in Netmake ScriptCase through 9.12.006 23, the Administrator password reset mechanism is mishandled. Making both a GET and a POST request to login.php.is sufficient. An unauthenticated attacker can then bypass authentication via administrator account takeov...
CVE-2019-6635
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.1-11.5.8, when the BIG-IP system is licensed for Appliance mode, a user with either the Administrator or the Resource Administrator role can bypass Appliance mode restrictions...
EUVD-2024-50144
The Pedalo Connector plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.0.5. This is due to insufficient restriction on the 'loginadminuser' function. This makes it possible for unauthenticated attackers to log to the first user, who is usually the...
The vulnerability of the Citrix Application Delivery Management (ADM) platform’s management service, related to access control deficiencies, allows a hacker to bypass the administrator password and increase their privileges.
The vulnerability of the Citrix Application Delivery Management ADM delivery management platform is related to lack of access control mechanisms. Exploiting this vulnerability could allow a malicious actor to bypass the administrator’s password and gain increased privileges...
Western Digital My Cloud Authentication Vulnerability
Western Digital MyCloud is a personal cloud storage device. An authentication vulnerability exists in Western Digital MyCloud. An unauthenticated attacker could be allowed to exploit this vulnerability to bypass administrator authentication and gain control of device privileges...
phpDirectorySource 1.1 - Multiple SQL Injections
|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ \ \ / | | //\ \ /' \ /\ //\ Kings of injection | | // | | | |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| Title :: SQL Injection...
phpDirectorySource 1.1 Multiple Remote SQL Injection Vulnerabilities
Exploit for unknown platform in category web applications ==================================================================== phpDirectorySource 1.1 Multiple Remote SQL Injection Vulnerabilities ====================================================================...
wolioCMS SQL Injection
wolioCMS - SQL Injection and Bypass Administrator Login Vendor : http://www.buton.web.id/member.php?member=anon Download : http://www.buton.web.id/download/woliocms.zip Found By : k1tk4t - k1tk4t4tnewhack.org Location : Indonesia -- newhackdotorg @irc.dal.net Exploit ini berhasil jika...
wolioCMS - Authentication Bypass SQL Injection
wolioCMS - Authentication Bypass SQL Injection wolioCMS - SQL Injection and Bypass Administrator Login Vendor : http://www.buton.web.id/member.php?member=anon Download : http://www.buton.web.id/download/woliocms.zip Found By : k1tk4t - k1tk4t4tnewhack.org Location : Indonesia -- newhackdotorg...
[SA14124] Mambo Global Variables Security Bypass Vulnerability
TITLE: Mambo Global Variables Security Bypass Vulnerability SECUNIA ADVISORY ID: SA14124 VERIFY ADVISORY: http://secunia.com/advisories/14124/ CRITICAL: Moderately critical IMPACT: Security Bypass WHERE: From remote SOFTWARE: Mambo 4.x http://secunia.com/product/872/ DESCRIPTION: A vulnerability...