62 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-62526
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, ubusd contains a heap buffer overflow in the event registratio...
CVE-2025-62526 OpenWrt ubusd vulnerable to heap buffer overflow
OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, ubusd contains a heap buffer overflow in the event registration parsing code. This allows an attacker to modify the head and potentially execute arbitrary code in the context of the ubus daemon. The...
CVE-2025-62526
OpenWrt ubusd (component of OpenWrt OS) is affected in versions prior to 24.10.4 by a heap buffer overflow in the event registration parsing code. Exploitation can modify the heap and potentially execute arbitrary code in the ubus daemon process, with actions occurring before ACL checks and enabl...
EUVD-2006-3049
Malware in sbrugna...
EUVD-2023-33897
Malicious code in bioql PyPI...
Simple Mail Transfer Pirates: How threat actors are abusing third-party infrastructure to send spam
Attackers are abusing normal features of legitimate web sites to transmit spam, such as the traditional method of verifying the creation of a new account. This web infrastructure and its associated email infrastructure is otherwise used for legitimate purposes, which makes blocking these messages...
CVE-2024-5120
A vulnerability was found in SourceCodester Event Registration System 1.0. It has been classified as critical. Affected is an unknown function of the file /registrar/?page=registration. The manipulation of the argument e leads to sql injection. It is possible to launch the attack remotely. The...
CVE-2024-5119
A vulnerability was found in SourceCodester Event Registration System 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Master.php?f=loadregistration. The manipulation of the argument lastid/eventid leads to sql injection. The attack may be initiated...
CVE-2024-5120
CVE-2024-5120 affects SourceCodester Event Registration System 1.0. The vulnerability is an SQL injection in the file /registrar/?page=registration via the e parameter. It can be exploited remotely, and public disclosures exist. Connected sources corroborate an unknown function in the endpoint as...
Event Registration System SQL注入漏洞
Event Registration System is a QR code based event registration system by Carlo Montero, a personal developer. An SQL injection vulnerability exists in Event Registration System version 1.0, which is caused by the presence of an unknown function in /registrar/ that leads to SQL injection via the...
Join the new Microsoft Security experience at Microsoft Ignite 2023
During the past few years, we’ve managed a lot of change and disruption in our security work, in our lives, and in society at large. This year we’re excited to welcome back security leaders, aspiring leaders, and IT professionals—in person—to Microsoft Ignite from November 14 to 17, 2023, and...
Cross site request forgery (csrf)
The Event Registration Calendar By vcita plugin, versions up to and including 3.9.1, and Online Payments – Get Paid with PayPal, Square & Stripe plugin, for WordPress are vulnerable to Cross-Site Request Forgery. This is due to missing nonce validation in the lsparsevcitacallback function. This...
Event Registration App CSV Injection Vulnerability
Event Registration App is a JavaScript application for registering event participants by Carlo Montero Personal Developer. A CSV injection vulnerability exists in Carlo Montero Event Registration App v1.0, which stems from improper use of the formula elements of the First Name, Contact, and Remar...
Event Registration System with QR Code 1.0 - Authentication Bypass
Exploit Title: Event Registration System with QR Code 1.0 - Authentication Bypass & RCE Exploit Author: Javier Olmedo Date: 27/07/2021 Vendor: Sourcecodester Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/event0.zip Affected Version: 1.0 Category: WebApps...
The World Has Moved Online. Has Your Business Adapted?
What would happen if everything we do in the world were to suddenly go online? We got the answer to that question early this year, when the global coronavirus pandemic forced almost everyone and everything to move online: commerce, meetings with colleagues and customers, classroom learning,...
WordPress Event-Registration 5.43 Arbitrary File Upload
Exploit Title : WordPress Event-Registration Plugins 5.43 Arbitrary File Upload Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 30/03/2020 Vendor Homepage : wp-event-organiser.com Software Links : captainform.com/wordpress-event-registration-plugin/...
Salesforce RegistrationForm - Persistent Web Vulnerability
Document Title: =============== Salesforce RegistrationForm - Persistent Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2054 Salesforce Security ID: 219513 Release Date: ============= 2018-06-22 Vulnerability Laboratory ID VL-ID:...
Salesforce RegistrationForm - Persistent Web Vulnerability
Document Title: =============== Salesforce RegistrationForm - Persistent Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2054 Salesforce Security ID: 219513 Release Date: ============= 2018-06-21 Vulnerability Laboratory ID VL-ID:...
CVE-2015-7880
Affected product: Drupal Entity Registration module (7.x-1.x) prior to 7.x-1.5. Vulnerability: information disclosure where remote attackers could obtain sensitive event registration data by abusing the "Register other accounts" permission and knowledge of usernames. Impact: unauthorized disclosu...
Joomla! Component Event Registration Pro Calendar 4.1.3 - SQL Injection
Joomla! Component Event Registration Pro Calendar 4.1.3 - SQL Injection Exploit Title: Joomla! Component Event Registration Pro Calendar v4.1.3 - SQL Injection Dork: N/A Date: 02.08.2017 Vendor : http://joomlashowroom.com/ Software:...