231 matches found
PT-2024-16225 · Sourcecodester · Itsourcecode Payroll Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Payroll Management System version 1.0
Description: A critical issue has been found in the login function of the main file, leading to a buffer overflow. The exploit has been disclosed to the public and may be used...
PT-2024-39867 · WordPress · Pedalo Connector
Name of the Vulnerable Software and Affected Versions: The Pedalo Connector plugin for WordPress versions up to, and including, 2.0.5
Description: The issue is due to insufficient restriction on the login admin user function, making it possible for unauthenticated attackers to log in as the first...
Car Rental Project 1.0 Code Injection
Title: Car Rental Project 1.0 php code injection Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 130.0...
CVE-2024-9088
A vulnerability has been found in SourceCodester Telecom Billing Management System 1.0 and classified as critical. This vulnerability affects the function login. The manipulation of the argument uname leads to buffer overflow. The exploit has been disclosed to the public and may be used...
CVE-2024-9088 SourceCodester Telecom Billing Management System login buffer overflow
A vulnerability has been found in SourceCodester Telecom Billing Management System 1.0 and classified as critical. This vulnerability affects the function login. The manipulation of the argument uname leads to buffer overflow. The exploit has been disclosed to the public and may be used...
Unspecified Vulnerability in D-Link DCS-960L
D-Link DCS-960L is a webcam product from China AUO D-Link. A security vulnerability exists in the D-Link DCS-960L version 1.09, which originates from a flaw in the handling of the login function of the HNAP service and can be exploited by an attacker to execute arbitrary code...
CVE-2024-44589
Stack overflow vulnerability in the Login function in the HNAP service in D-Link DCS-960L with firmware 1.09 allows attackers to execute arbitrary code...
CVE-2024-44589
CVE-2024-44589 is a stack-overflow in the Login function of the HNAP service on the D-Link DCS-960L (firmware 1.09) that allows arbitrary code execution. Affected component: HNAP Login handler; root cause: stack overflow. Impact: high (remote code execution). Exploitation details are not provided...
CVE-2023-51712
An issue was discovered in Trusted Firmware-M through 2.0.0. The lack of argument verification in the logging subsystem allows attackers to read sensitive data via the login function...
PT-2024-6459 · D Link · D-Link Dcs-960L
Name of the Vulnerable Software and Affected Versions: D-Link DCS-960L version 1.09
Description: The issue is related to a stack overflow vulnerability in the HNAP service of the D-Link DCS-960L IP camera, specifically in the Login function. This vulnerability can be exploited by a remote attacke...
CVE-2024-7808
A vulnerability was found in code-projects Job Portal 1.0. It has been classified as critical. Affected is an unknown function of the file logindbc.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to t...
Simopro Technology WinMatrix3 SQL Injection Vulnerability (CNVD-2025-20312)
Simopro Technology WinMatrix3 is an IT resource management system for enterprise-class computer asset management, endpoint security control and IT operations management. Simopro Technology WinMatrix3 suffers from a SQL injection vulnerability that stems from a lack of proper validation of user...
SourceCodester School Log Management System SQL Injection Vulnerability
SourceCodester School Log Management System is a SourceCodester open source school log management system. SourceCodester School Log Management System version 1.0 suffers from a SQL injection vulnerability, which originates from the username function on the /admin/ajax.php?action=login page contai...
CVE-2024-6043
A vulnerability classified as critical has been found in SourceCodester Best House Rental Management System 1.0. This affects the function login of the file adminclass.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploi...
CVE-2024-4303 ArmorX Android APP - MFA Bypass
ArmorX Android APP's multi-factor authentication (MFA) for the login function is not properly implemented. Remote attackers who obtain user credentials can bypass MFA, allowing them to successfully log into the APP...