10 matches found
CVE-2021-27644
In Apache DolphinScheduler before 1.3.6 versions, authorized users can use SQL injection in the data source center. Only applicable to MySQL data source with internal login account password...
CVE-2025-9002
A vulnerability was identified in Surbowl dormitory-management-php 1.0. This affects an unknown part of the file login.php. The manipulation of the argument Account leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used...
CVE-2020-21237
An issue in the user login box of LJCMS v1.11 allows attackers to hijack user accounts via brute force attacks...
CVE-2025-24032
PAM-PKCS#11 (Linux-PAM) vulnerability CVE-2025-24032 affects pam_pkcs11-0.6.0 and later up to 0.6.12/0.6.13 era, where the default cert_policy of none may bypass private-key signature checks. An attacker could create a token containing the user’s public data (e.g., certificate) and a known PIN an...
CVE-2022-23903
A Cross Site Scripting XSS vulnerability exists in pearadmin pear-admin-think =5.0.6, which allows a login account to access arbitrary functions and cause stored XSS through a fake User-Agent...
Cross site scripting
A Cross Site Scripting XSS vulnerability exists in pearadmin pear-admin-think =5.0.6, which allows a login account to access arbitrary functions and cause stored XSS through a fake User-Agent...
Information leakage vulnerability in Chien Wang CRM customer management system
Thousand Wonders Software is a professional software developer. There is an information leakage vulnerability in Chivan's CRM customer management system, which can be exploited by attackers to obtain login account passwords...
WSTMart 2.0.8 - Cross-Site Request Forgery (Add Admin)
WSTMart 2.0.8 - Cross-Site Request Forgery Add Admin Exploit Title: WSTMart 2.0.8 - Cross-Site Request Forgery Add Admin Date: 2018-12-23 Exploit Author: linfeng Vendor Homepage:https://github.com/wstmall/wstmart/ Software Link:http://www.wstmart.net/ Version: WSTMart 2.0.8181212 CVE...
WSTMart 2.0.8 - Cross-Site Request Forgery (Add Admin) Vulnerability
Exploit for php platform in category web applications Exploit Title: WSTMart 2.0.8 - Cross-Site Request Forgery Add Admin Exploit Author: linfeng Vendor Homepage:https://github.com/wstmall/wstmart/ Software Link:http://www.wstmart.net/ Version: WSTMart 2.0.8181212 CVE :CVE-2018-19138 0x02 CSRF Po...
BlackBerry Enterprise Server PNG and TIFF Image Processing Vulnerabilities (KB27244)
The version of BlackBerry Enterprise Server on the remote host reportedly contains multiple remote code execution vulnerabilities in its image processing library : - An unspecified error within the BlackBerry MDS Connection Service when processing PNG and TIFF images on a web page being viewed on...