EUVD-2019-9574

Malware in sbrugna...

HEXAGreen CMS SQL Injection Vulnerability

Title: HEXAGreen CMS - Authenticated SQLi Description: HEXAGreen CMS authenticated error-based sql injection Source URL: http://ezcode.pt/tests/hexagreen/admin/ Source Name/Email: Mehmet Can Kadıoğlu a.k.a mao7un CVEs: N/A Software URL: https://www.codester.com/items/36507/hexagreen-website-cms...

Computer Laboratory Management System v1.0 - Multiple-SQLi

Title: Computer Laboratory Management System v1.0 - Multiple-SQLi Author: nu11secur1ty Date: 03/28/2024 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/17268/computer-laboratory-management-system-using-php-and-mysql.htmlcomment-104400 Reference:...

Improper Access Control

ssddanbrown/bookstack is vulnerable to Improper Access Control. An attacker is able to execute an error-based attack by obtaining a part of an email of the user...

Improper Access Control in bookstackapp/bookstack

Description A logged-in user with no privileges OR guest user if public access enabled can access the /search/users/select AJAX endpoint meant for admins to manage audit logs, to dump all usernames existing in the Bookstack database. This can also be used to harvest email belonging to a user...