30 matches found
Improper Authorization
Leantime is vulnerable to Improper Authorization. The vulnerability is due to missing authorization checks in the Users::getUser JSON-RPC API, where authenticated users can retrieve sensitive credential data for arbitrary user accounts, allowing attackers to obtain password hashes, TOTP secrets,...
Authorization Bypass Through User-Controlled Key
Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the users.getUser method in the JSON-RPC API. An attacker can retrieve sensitive credential information, such as password hashes, TOTP secrets, and session tokens, by supplying...
CVE-2026-59712 Leantime - JSON-RPC API Broken Access Control via users.getUser
Leantime's Users::getUser method in the JSON-RPC API lacks proper authorization checks, allowing authenticated users to retrieve full user credential rows including password hashes, TOTP secrets, and session tokens. Attackers can exploit this by calling users.getUser with arbitrary user IDs to...
CVE-2026-3200
A vulnerability was identified in z-9527 admin 1.0/2.0. The affected element is the function checkName/register/login/getUser/getUsers of the file /server/controller/user.js. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might...
CVE-2026-3200 z-9527 admin user.js getUsers sql injection
A vulnerability was identified in z-9527 admin 1.0/2.0. The affected element is the function checkName/register/login/getUser/getUsers of the file /server/controller/user.js. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might...
CVE-2026-3200
CVE-2026-3200 affects the z-9527 admin 1.0/2.0 product. The vulnerability is in the server-side code, specifically the functions checkName, register, login, getUser, and getUsers in /server/controller/user.js, where improper handling leads to SQL injection. The issue can be triggered remotely and...
admin SQL注入漏洞
Admin is a chatroom software developed by Z-9527 as an individual developer. Versions 1.0 and 2.0 of Admin have SQL injection vulnerabilities. These vulnerabilities stem from incorrect operations on the functions checkName/register/login/getUser/getUsers in the file/server/controller/user.js, whi...
CVE-2024-9262
CVE-2024-9262 affects the WordPress plugin “User Meta – User Profile Builder and User management plugin” (WordPress). It describes an Insecure Direct Object Reference via getUser() caused by missing validation on a user-controlled key. The vulnerability affects all versions up to and including 3....
PT-2024-39521 · WordPress · The User Meta
Name of the Vulnerable Software and Affected Versions: The User Meta – User Profile Builder and User management plugin for WordPress versions up to, and including, 3.1 Description: The issue is related to Insecure Direct Object Reference, which can be exploited by authenticated attackers with...
CVE-2020-29168
SQL Injection vulnerability in Projectworlds Online Doctor Appointment Booking System, allows attackers to gain sensitive information via the q parameter to the getuser.php endpoint...
PT-2023-11774 · Unknown · Projectworlds Online Doctor Appointment Booking System
Name of the Vulnerable Software and Affected Versions: Projectworlds Online Doctor Appointment Booking System affected versions not specified Description: The issue allows attackers to gain sensitive information via the "getuser.php" endpoint, specifically through the q parameter. This is a SQL...
VulnCheck KEV: CVE-2017-17106
Credentials for Zivif PR115-204-P-RS V2.3.4.2103 Webcams can be obtained by an unauthenticated remote attacker using a standard web /cgi-bin/hi3510/param.cgi?cmd=getuser HTTP request. This vulnerability exists because of a lack of authentication checks in requests to CGI pages...
Online Doctor Appointment Booking System SQL Injection Vulnerability
Online Doctor Appointment Booking System is a web-based online appointment booking system from PHP Scripts Mall Php Scripts Mall, India. Online Doctor Appointment Booking System suffers from a SQL injection vulnerability that originates from a SQL injection vulnerability in the getuser.php...
CVE-2020-29283
An SQL injection vulnerability was discovered in Online Doctor Appointment Booking System PHP and Mysql via the q parameter to getuser.php...
Online Doctor Appointment Booking System SQL注入漏洞
Online Doctor Appointment Booking System is a web-based online appointment booking system from PHP Scripts Mall Php Scripts Mall, India. Online Doctor Appointment Booking System suffers from a SQL injection vulnerability that originates from a SQL injection vulnerability in the getuser.php...
D-Link DCS-2530L and DCS-2670L Information Disclosure Vulnerability
The DCS-2530L and DCS-2670L are Full HD 180-degree Wi-Fi cameras from D-Link. A security vulnerability exists in cgi-bin/ddnsenc.cgi in the D-Link DCS-2530L and DCS-2670L. An attacker can exploit this vulnerability to obtain the administrator password via the /config/getuser endpoint...
CVE-2020-25078
An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices. The unauthenticated /config/getuser endpoint allows for remote administrator password disclosure...
BSA Radar 1.6.7234.24750 Cross Site Request Forgery
Exploit title: BSA Radar 1.6.7234.24750 - Cross-Site Request Forgery Change Password Exploit Author: William Summerhill Date: 2020-06-22 Vendor Homepage:bhttps://www.globalradar.com/ Version: BSA Radar - Version 1.6.7234.24750 and lower CVE: CVE-2020-14944 Description: The Global RADAR BSA Radar...
BSA Radar 1.6.7234.24750 - Cross-Site Request Forgery (Change Password) Vulnerability
Exploit for hardware platform in category web applications Exploit title: BSA Radar 1.6.7234.24750 - Cross-Site Request Forgery Change Password Exploit Author: William Summerhill Vendor Homepage:bhttps://www.globalradar.com/ Version: BSA Radar - Version 1.6.7234.24750 and lower CVE: CVE-2020-1494...
CVE-2020-14944
Global RADAR BSA Radar 1.6.7234.24750 and earlier lacks valid authorization controls in multiple functions. This can allow for manipulation and takeover of user accounts if successfully exploited. The following vulnerable functions are exposed: ChangePassword, SaveUserProfile, and GetUser...