Thruk Monitoring 跨站脚本漏洞

Thruk Monitoring is an open-source visualization interface developed by Thruk, designed for centrally displaying and managing system monitoring data. Versions of Thruk Monitoring prior to 2.46.3 contained a cross-site scripting vulnerability. This vulnerability stemmed from the login fields in th...

CVE-2026-7131 code-projects Online Lot Reservation System loginuser.php sql injection

A vulnerability has been found in code-projects Online Lot Reservation System up to 1.0. The impacted element is an unknown function of the file /loginuser.php. The manipulation of the argument email/password leads to sql injection. It is possible to initiate the attack remotely. The exploit has...

PT-2026-21310

Part-DB 0.4 contains an authentication bypass vulnerability that allows unauthenticated attackers to login by injecting SQL syntax into authentication parameters. Attackers can submit a single quote followed by 'or' in the login form to bypass credential validation and gain unauthorized access to...

EUVD-2008-0297

Malware in sbrugna...

EUVD-2006-5941

Malware in sbrugna...

EUVD-2007-4190

Malware in sbrugna...

EUVD-2008-5566

Malware in sbrugna...

CVE-2025-59761 Multiple vulnerabilities in AndSoft's e-TMS

Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...

CVE-2022-32548

An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab field...

CVE-2024-46918

app/Controller/UserLoginProfilesController.php in MISP before 2.4.198 does not prevent an org admin from viewing sensitive login fields of another org admin in the same org...

MISP 安全漏洞

MISP is an open source software solution from MISP Open Source. The product is used to collect, store, distribute, and share cybersecurity metrics and has features such as threat cybersecurity event analysis and malware analysis. A security vulnerability exists in MISP versions prior to 2.4.198...

Splicecom Maximiser Soft PBX Security Breach

Splicecom Maximiser Soft PBX is an IP phone. A security vulnerability exists in Splicecom Maximiser Soft PBX v1.5 and prior versions, which stems from a cross-site scripting XSS vulnerability in the CLIENTNAME and DEVICEGUID fields in the login component...

Error event ID 5002 recorded on StoreFront server

When starting Citrix Workspace, the User Name and Password inputs are not displayed. Restarting StoreFront temporarily resolves the issue. The following error event log was recorded in the StoreFront Event Viewer. Event ID 5002, Application Pool Citrix Delivery Services Authentication has been...

CVE-2023-37069

Code-Projects Online Hospital Management System V1.0 is vulnerable to SQL Injection SQLI attacks, which allow an attacker to manipulate the SQL queries executed by the application. The application fails to properly validate user-supplied input in the login id and password fields during the login...

CVE-2022-39180

College Management System v1.0 - SQL Injection SQLi. By inserting SQL commands to the username and password fields in the login.php page...

CVE-2022-38637

Hospital Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the Username and Password parameters on the Login page...

WordPress plugin VikRentCar跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress Plugin is a WordPress open source application plugin. WordPress' VikRentCar has a cross-site scripting...

DEBIAN-CVE-2020-1769

In the login screens in agent and customer interface, Username and Password fields use autocomplete, which might be considered as security issue. This issue affects: OTRS Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions...

CVE-2017-16902

On the Vonage VDV-23 115 3.2.11-0.9.40 home router, sending a long string of characters in the loginPassword and/or loginUsername field to goform/login causes the router to reboot...

CVE-2017-16902

On the Vonage VDV-23 115 3.2.11-0.9.40 home router, sending a long string of characters in the loginPassword and/or loginUsername field to goform/login causes the router to reboot...