CVE-2022-3955 tholum crm42 Login class.user.php sql injection

A vulnerability was found in tholum crm42. It has been rated as critical. This issue affects some unknown processing of the file crm42\class\class.user.php of the component Login. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The exploit h...

CVE-2020-23355

CVE-2020-23355 affects Codiad 2.8.4, where in the file /componetns/user/class.user.php the Authenticate() function is vulnerable to a magic hash authentication bypass. Encrypted or hashed passwords that take certain formats (e.g., 0e123 or 0e234) can bypass authentication. Multiple connected advi...