EUVD-2017-1253

Malware in sbrugna...

Discourse < 2.8.7 DoS Vulnerabilities

Discourse is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"...

PT-2022-23057 · Discourse · Discourse

Name of the Vulnerable Software and Affected Versions: Discourse versions prior to the latest stable, beta and tests-passed versions Description: A malicious user can exploit the invitation system to spam arbitrary email addresses by sending them invitation emails in certain cases. The estimated...

Enjin: Race condition via project team member invitation system.

The user illustrated a race condition within the invitation system that allowed them to exceed the maximum number of members allowed by their plan...

Zulip Server invitation system unauthorized operation vulnerability

Zulip Server is a set of open source group chat application written in Python based on the Django framework. invitation system is one of the invitation system . A security vulnerability exists in the invitation system in Zulip Server versions prior to 1.7.1. An attacker can exploit this...

Design/Logic Flaw

In Zulip Server before 1.7.1, on a server with multiple realms, a vulnerability in the invitation system lets an authorized user of one realm on the server create a user account on any other realm...

CVE-2017-0910

Zulip Server (open-source group chat) before 1.7.1 contains an invitation-system vulnerability on multi-realm servers: an authorized user of one realm can create a user account on any other realm. Affected: Zulip Server versions prior to 1.7.1. Mitigation often cited as upgrading to 1.7.1 or appl...

phpMyBitTorrent 2.0.4 - SQL Injection Vulnerability

No description provided by source. Exploit Title: phpMyBitTorrent 2.0.4 SQL injection Google Dork: inurl:user.php?op=register Date: 14/FEB/2011 Author: [email protected] Software Link: http://sourceforge.net/projects/phpmybittorrent/ Version: 2.0.4 Tested on: nix...

Foursquare vulnerability that exposes 45 million users' email addresses

A location based Social Networking platform with 45 million users,'Foursquare' was vulnerable to the primary email address disclosed. Foursquare is a Smartphone application that gives you details of nearby cafes, bars, shops, parks using GPS location and also tells about your friends nearby...

Critical vulnerabilities discovered in Gazelle and TBDEV.net

Hi guys, Gazelle and TBDEV.NET are the most popular web applications used as BitTorrent trackers. A BitTorrent tracker is an application that assists in the communication between peers using the BitTorrent protocol. BitTorrent trackers can be public/open where anybody can join or private where an...

phpMyBitTorrent 2.0.4 SQL Injection

Exploit Title: phpMyBitTorrent 2.0.4 SQL injection Google Dork: inurl:"user.php?op=register" Date: 14/FEB/2011 Author: [email protected] Software Link: http://sourceforge.net/projects/phpmybittorrent/ Version: 2.0.4 Tested on: nix...

phpMyBitTorrent 2.0.4 - SQL Injection

Exploit Title: phpMyBitTorrent 2.0.4 SQL injection Google Dork: inurl:"user.php?op=register" Date: 14/FEB/2011 Author: [email protected] Software Link: http://sourceforge.net/projects/phpmybittorrent/ Version: 2.0.4 Tested on: nix...

phpMyBitTorrent 2.0.4 - SQL Injection

phpMyBitTorrent 2.0.4 - SQL Injection Exploit Title: phpMyBitTorrent 2.0.4 SQL injection Google Dork: inurl:"user.php?op=register" Date: 14/FEB/2011 Author: [email protected] Software Link: http://sourceforge.net/projects/phpmybittorrent/ Version: 2.0.4 Tested on: nix...