17 matches found
EUVD-2009-1586
Malware in sbrugna...
EUVD-2017-9954
Malware in sbrugna...
EUVD-2007-5040
Malware in sbrugna...
EUVD-2004-2332
Malware in sbrugna...
EUVD-2023-0143
Malicious code in bioql PyPI...
EUVD-2024-35937
Malicious code in bioql PyPI...
WordPress ads pro SQL Injection Vulnerability
WordPress Ads Pro is a multi-purpose ad management plugin, mainly used for flexible management of ad space in WordPress websites, supporting banner ad display, billing mode settings and user-friendly ad placement solutions. WordPress ads pro suffers from a SQL injection vulnerability, which stems...
CVE-2009-1590
Unspecified vulnerability in CGI RESCUE FORM2MAIL before 1.42 allows remote attackers to send email to arbitrary recipients via a web form...
CVE-2025-3872 Privilege escalation by altering payload in contact form
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Centreon centreon-web User configuration form modules allows SQL Injection. A user with high privileges is able to become administrator by intercepting the contact form request and altering its...
CVE-2025-3872
CVE-2025-3872 is an SQL Injection vulnerability in Centreon centreon-web (User configuration form modules) that allows a high-privilege user to elevate to administrator by tampering with the contact form payload. The issue affects Centreon Web versions listed by PT-Security (22.10.0–27, 23.04.0–23.04....
CVE-2025-3840
CVE-2025-3840 describes an XSS in the End of Life OVA Connect Installer component (Saviynt EOL OVA). The vulnerability stems from improper neutralization of input in the login form’s action parameter, enabling injected scripts under certain conditions. The component has been deprecated since Sep 2023 w...
Vulnerabilities in PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, allow attackers to execute arbitrary code.
The XFA vulnerability in PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, arises from the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a malicious actor t...
drchrono: CSRF Add Album On onpatient.com
Hi, I found a CSRF bug: it is possible for an attacker to add an album on onpatient.com. Steps to verify ---- . Login as attacker . Go to photos and click add album . Rename album, for example: hacking . . Intercept this request add using Burp proxy or any other tool; you can see X-CSRFToken and sessionid...
phpPgAdmin 3.x - Login Form Directory Traversal
phpPgAdmin 3.x - Login Form Directory Traversal source: https://www.securityfocus.com/bid/14142/info phpPgAdmin is prone to a directory traversal vulnerability. The application fails to filter directory traversal sequences from requests to the login form. All versions of phpPgAdmin are considered...
Microsoft Internet Explorer 6 - HTML Form Status Bar Misrepresentation
source: https://www.securityfocus.com/bid/10023/info A vulnerability has been identified in Microsoft Internet Explorer that allows an attacker to misrepresent the status bar in the browser, allowing vulnerable users to be misled into following a link to a malicious site. The issue presents itse...
CVE-2003-1282
IBM Net.Data allows remote attackers to obtain sensitive information such as path names, server names and possibly user names and passwords by causing the (1) $DTWCURRENTFILENAME, (2) $DATABASE, (3) $LOGIN, (4) $PASSWORD, and possibly other predefined variables that can be echoed back to the user via a w...
CVE-1999-0935
classifieds.cgi allows remote attackers to execute arbitrary commands by specifying them in a hidden variable in a CGI form...