203 matches found
EUVD-2014-4788
Malware in sbrugna...
EUVD-2016-6852
Malware in sbrugna...
EUVD-2017-14585
Malware in sbrugna...
EUVD-2003-0487
Malware in sbrugna...
EUVD-2008-0591
Malware in sbrugna...
EUVD-2014-4780
Malware in sbrugna...
EUVD-2010-1482
Malware in sbrugna...
EUVD-2023-41732
Malicious code in bioql PyPI...
EUVD-2023-49489
Malicious code in bioql PyPI...
EUVD-2025-13446
Malicious code in bioql PyPI...
EUVD-2024-47722
Malicious code in bioql PyPI...
EUVD-2025-27024
Malicious code in bioql PyPI...
CVE-2025-10014
A flaw has been found in elunez eladmin up to 2.7. This impacts the function updateUserEmail of the file /api/users/updateEmail/ of the component Email Address Handler. Executing manipulation of the argument id/email can lead to improper authorization. The attack may be performed from remote...
CVE-2025-10014 elunez eladmin Email Address updateEmail updateUserEmail improper authorization
A flaw has been found in elunez eladmin up to 2.7. This impacts the function updateUserEmail of the file /api/users/updateEmail/ of the component Email Address Handler. Executing manipulation of the argument id/email can lead to improper authorization. The attack may be performed from remote...
CVE-2025-10014 elunez eladmin Email Address updateEmail updateUserEmail improper authorization
A flaw has been found in elunez eladmin up to 2.7. This impacts the function updateUserEmail of the file /api/users/updateEmail/ of the component Email Address Handler. Executing manipulation of the argument id/email can lead to improper authorization. The attack may be performed from remote...
CVE-2025-10014
CVE-2025-10014 affects elunez eladmin up to 2.7, specifically the updateUserEmail function in the Email Address Handler at /api/users/updateEmail/. Manipulating the id/email argument can cause improper authorization, potentially allowing a remote attacker to access or modify user data. Exploitati...
PT-2025-36258
Name of the Vulnerable Software and Affected Versions: elunez eladmin versions up to 2.7 Description: A flaw exists in elunez eladmin that impacts the updateUserEmail function within the Email Address Handler component. Manipulation of the id/email argument in the /api/users/updateEmail/ API...
ConnectWise PSA 安全漏洞
ConnectWise PSA is a specialized service automation software from ConnectWise USA. A security vulnerability exists in ConnectWise PSA versions prior to 2025.9 that stems from the API returning too much user information, which could lead to an authenticated user obtaining an encrypted password has...
CVE-2025-52101
linjiashop =0.9 is vulnerable to Incorrect Access Control. When using the default-generated JWT authentication, attackers can bypass the authentication and retrieve the encrypted "password" and "salt". The password can then be obtained through brute-force cracking...
CVE-2023-40354
An issue was discovered in MariaDB MaxScale before 23.02.3. A user enters an encrypted password on a "maxctrl create service" command line, but this password is then stored in cleartext in the resulting .cnf file under /var/lib/maxscale/maxscale.cnf.d. The fixed versions are 2.5.28, 6.4.9, 22.08....