CVE-2025-13650

An attacker with access to the web application ZeusWeb of the provider Microcom in this case, registration is not necessary, but the action must be performed who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Surname’ parameter of the ‘Creat...

CVE-2025-13650

An attacker with access to the web application ZeusWeb of the provider Microcom in this case, registration is not necessary, but the action must be performed who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Surname’ parameter of the ‘Creat...

CVE-2025-13650

An attacker with access to the web application ZeusWeb of the provider Microcom in this case, registration is not necessary, but the action must be performed who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Surname’ parameter of the ‘Creat...

CVE-2025-13650

CVE-2025-13650 describes an XSS vulnerability in ZeusWeb 6.1.31 from Microcom. An attacker who can access the web application can inject arbitrary JavaScript by supplying an XSS payload in the Surname field of the Create Account operation via https://zeus.microcom.es:4040/index.html?zeus6=true. T...

CVE-2025-13650 REFLECTED CROSS-SITE SCRIPTING (XSS) ON MICROCOM'S ZEUSWEB

An attacker with access to the web application ZeusWeb of the provider Microcom in this case, registration is not necessary, but the action must be performed who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Surname’ parameter of the ‘Creat...

PT-2025-47668

Name of the Vulnerable Software and Affected Versions LogStare Collector affected versions not specified Description LogStare Collector has an authorization issue within the UserRegistration component. A user without administrative privileges can create new user accounts by submitting a specially...

EUVD-2018-3754

Malware in sbrugna...

EUVD-2018-13457

Malware in sbrugna...

EUVD-2025-25583

Malicious code in bioql PyPI...

EUVD-2024-49632

Malicious code in bioql PyPI...

User Enumeration

com.liferay, com.liferay.login.web is vulnerable to User Enumeration. The vulnerability is due to improper handling of account creation requests on the "create account" page, which allows an attacker to determine if a specific account exists in the application...

Online Event Judging System create_account.php File SQL Injection Vulnerability

Online Event Judging System is an online event judging system. Online Event Judging System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter fname in the file /createaccount.php. The vulnerability can be...

CVE-2025-9610

A vulnerability was determined in code-projects Online Event Judging System 1.0. This issue affects some unknown processing of the file /createaccount.php. This manipulation of the argument fname causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicl...

CVE-2025-9610

A vulnerability was determined in code-projects Online Event Judging System 1.0. This issue affects some unknown processing of the file /createaccount.php. This manipulation of the argument fname causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicl...

CVE-2025-9610 code-projects Online Event Judging System create_account.php sql injection

A vulnerability was determined in code-projects Online Event Judging System 1.0. This issue affects some unknown processing of the file /createaccount.php. This manipulation of the argument fname causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicl...

CVE-2025-9610

The CVE-2025-9610 entry relates to code-projects Online Event Judging System 1.0 with a SQL injection in /create_account.php. The fname parameter manipulation leads to SQL injection, enabling remote exploitation. Multiple connected sources confirm the vulnerability and public exploitation discuss...

Code-Projects Online Event Judging System 安全漏洞

Online Event Judging System is an online event judging system. Online Event Judging System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter fname in the file /createaccount.php. The vulnerability can be...

PT-2025-35182

Name of the Vulnerable Software and Affected Versions code-projects Online Event Judging System version 1.0 Description A vulnerability exists in the processing of the /create account.php file. Manipulation of the fname argument causes SQL injection, allowing for remote exploitation. The exploit...

CVE-2025-43751

User enumeration vulnerability in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14, 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10 and 7.4 GA through update 92...

GHSA-XWC5-Q44V-P6GG Liferay Portal User Enumeration Vulnerability via the Create Account Page

User enumeration vulnerability in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14, 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10 and 7.4 GA through update 92...