200 matches found
EUVD-2016-6022
Malware in sbrugna...
EUVD-1999-0499
Malware in sbrugna...
EUVD-2000-0383
Malware in sbrugna...
EUVD-2020-6229
Malware in sbrugna...
EUVD-2007-3855
Malware in sbrugna...
EUVD-2025-23598
Malicious code in bioql PyPI...
EUVD-2023-53261
Malicious code in bioql PyPI...
EUVD-2025-29145
Malicious code in bioql PyPI...
CVE-2025-48869
Horilla HRMS v1.3.0 is affected by a broken access control vulnerability that allows unauthenticated users to retrieve uploaded resume files by guessing or predicting file URLs. Files reside in a publicly accessible directory, enabling disclosure of sensitive candidate information without authent...
CVE-2025-10423
A vulnerability was found in newbee-mall 1.0. Impacted is the function mallKaptcha of the file /common/mall/kaptcha. The manipulation results in guessable captcha. The attack can be executed remotely. A high complexity level is associated with this attack. The exploitability is considered...
CVE-2025-10423
Affected: newbee-mall 1.0. Vulnerable component: mallKaptcha in /common/mall/kaptcha where the CAPTCHA generation is prone to being guessable. Impact: remote attacker can exploit to bypass CAPTCHA; attack complexity is high and authentication is not required. Exploitability: publicly disclosed Po...
CVE-2025-8417
The Catalog Importer, Scraper & Crawler plugin for WordPress is vulnerable to PHP code injection in all versions up to, and including, 5.1.4. This is due to reliance on a guessable numeric token e.g. ?key= 900001705 without proper authentication, combined with the unsafe use of eval on...
CVE-2025-8417 Catalog Importer, Scraper & Crawler <= 5.1.4 - Unauthenticated PHP Code Injection
The Catalog Importer, Scraper & Crawler plugin for WordPress is vulnerable to PHP code injection in all versions up to, and including, 5.1.4. This is due to reliance on a guessable numeric token e.g. ?key= 900001705 without proper authentication, combined with the unsafe use of eval on...
PT-2025-37127
Name of the Vulnerable Software and Affected Versions: Catalog Importer, Scraper & Crawler plugin for WordPress versions through 5.1.4 Description: The Catalog Importer, Scraper & Crawler plugin for WordPress is susceptible to PHP code injection due to reliance on a guessable numeric token e.g.,...
CVE-2025-8546
A vulnerability, which was classified as problematic, was found in atjiu pybbs up to 6.0.0. This affects the function adminlogin/login of the component Verification Code Handler. The manipulation leads to guessable captcha. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-8546 atjiu pybbs Verification Code login Captcha
A vulnerability, which was classified as problematic, was found in atjiu pybbs up to 6.0.0. This affects the function adminlogin/login of the component Verification Code Handler. The manipulation leads to guessable captcha. It is possible to initiate the attack remotely. The exploit has been...
pybbs 安全漏洞
pybbs is a community platform for Java development by iuiu individual developers. A security vulnerability exists in pybbs 6.0.0 and earlier versions, which stems from a guessable CAPTCHA issue in the function adminlogin/login in the CAPTCHA handling component...
CVE-2024-30540
Guessable CAPTCHA vulnerability in Guido VS Contact Form allows Functionality Bypass.This issue affects VS Contact Form: from n/a through 14.7...
CVE-2024-31295
Guessable CAPTCHA vulnerability in BestWebSoft Captcha by BestWebSoft allows Functionality Bypass.This issue affects Captcha by BestWebSoft: from n/a through 5.2.0...
Predictable Resource Location
nitsan/ns-backup is vulnerable to Predictable Resource Location. The vulnerability is due to the use of predictable or guessable file paths for stored backup files without proper access controls, allows attackers to locate and download sensitive backup files by simply guessing the URL or file nam...