17 matches found
EUVD-2024-2156
Malicious code in bioql PyPI...
EUVD-2024-48043
Malicious code in bioql PyPI...
Access code - Moderately critical - Access bypass - SA-CONTRIB-2025-108
This module enables users to sign in with an access code instead of entering user names and passwords. When users are allowed to pick their own access codes, they can guess other users' access codes based on the fact that access codes need to be unique and the system warns if the code of their...
PoisonSeed Tricking Users Into Bypassing FIDO Keys With QR Codes
PoisonSeed group tricks users into bypassing FIDO Keys by misusing QR code logins, highlighting new social engineering risk to secure MFA...
CVE-2024-1111
A vulnerability, which was classified as problematic, has been found in SourceCodester QR Code Login System 1.0. Affected by this issue is some unknown functionality of the file add-user.php. The manipulation of the argument qr-code leads to cross site scripting. The attack may be launched...
DRUPAL-CONTRIB-2025-028
This module enables users to log in using a short access code instead of providing a username/password combination. The module doesn't sufficiently protect against brute force attacks to guess a user's access code. This vulnerability is mitigated by the fact that access code based logins are off ...
CVE-2024-7027
The WooCommerce - PDF Vouchers plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 4.9.3. This is due to insufficient verification on the user being supplied during a QR code login through the plugin. This makes it possible for unauthenticated attackers t...
CVE-2024-1111
A vulnerability, which was classified as problematic, has been found in SourceCodester QR Code Login System 1.0. Affected by this issue is some unknown functionality of the file add-user.php. The manipulation of the argument qr-code leads to cross site scripting. The attack may be launched...
CVE-2024-1111 SourceCodester QR Code Login System add-user.php cross site scripting
A vulnerability, which was classified as problematic, has been found in SourceCodester QR Code Login System 1.0. Affected by this issue is some unknown functionality of the file add-user.php. The manipulation of the argument qr-code leads to cross site scripting. The attack may be launched...
CVE-2024-1111 SourceCodester QR Code Login System add-user.php cross site scripting
A vulnerability, which was classified as problematic, has been found in SourceCodester QR Code Login System 1.0. Affected by this issue is some unknown functionality of the file add-user.php. The manipulation of the argument qr-code leads to cross site scripting. The attack may be launched...
SourceCodester QR Code Login System security vulnerability
QR Code Login System is a modern authentication QR code solution for rems individual developers. A security vulnerability exists in the SourceCodester QR Code Login System version 1.0, which stems from the fact that add-user.php contains an unknown function that leads to cross-site scripting via...
PT-2024-16770
Name of the Vulnerable Software and Affected Versions SourceCodester QR Code Login System version 1.0 Description A vulnerability has been found in the SourceCodester QR Code Login System, affecting some unknown functionality of the file add-user.php. The manipulation of the qr-code argument lead...
Dell EMC SCG Policy Manager trust management issue vulnerability
Dell EMC SCG Policy Manager is a secure connectivity gateway policy manager from Dell, U.S. A security vulnerability exists in Dell EMC SCG Policy Manager that could be exploited by remote attackers to submit a special request to hard-code a login to the system to gain administrator privileges...
CVE-2022-39314
Kirby is a flat-file CMS. In versions prior to 3.5.8.2, 3.6.6.2, 3.7.5.1, and 3.8.1, Kirby is subject to user enumeration due to Improper Restriction of Excessive Authentication Attempts. This vulnerability affects you only if you are using the code or password-reset auth method with the...
PT-2022-24896
Name of the Vulnerable Software and Affected Versions Kirby versions prior to 3.5.8.2 Kirby versions prior to 3.6.6.2 Kirby versions prior to 3.7.5.1 Kirby versions prior to 3.8.1 Description The issue affects Kirby, a flat-file CMS, due to Improper Restriction of Excessive Authentication Attempt...
Discord Shame channel goes phishing
A variant of a popular piece of social media fraud has made its way onto Discord servers. Multiple people are reporting messages of an "Is this you" nature, tied to a specific Discord channel. is this a new discord scam or something? someone I haven’t spoken to in years randomly sent me this and...
CVE-2017-8173
Maya-L02, VKY-L09, VTR-L29, Vicky-AL00A, Victoria-AL00A, Warsaw-AL00 smart phones with software of earlier than Maya-L02C636B126 versions, earlier than VKY-L29C10B151 versions, earlier than VTR-L29C10B151 versions, earlier than Vicky-AL00AC00B162 versions, earlier than Victoria-AL00AC00B167 versions, earli...