
177 matches found

OSV
added 2025/07/07 5:15 p.m., 3 views

CVE-2025-1351

IBM Storage Virtualize 8.5, 8.6, and 8.7 products could allow a user to escalate their privileges to that of another user logging in at the same time due to a race condition in the login function...

7 CVSS, 5.8 AI score, 0.0003 EPSS
Exploits 0, References 1

CVE
added 2025/07/07 4:41 p.m., 24 views

CVE-2025-1351

IBM Storage Virtualize versions 8.5–8.7 are affected by a race-condition in the login function that could allow a user to escalate privileges to another active session. Remediation from IBM’s security bulletin replaces vulnerable code with fixed versions: 8.5.x: up to 8.5.0.15; 8.5.1.0 and 8.5.2....

7 CVSS, 6.5 AI score, 0.0003 EPSS
Exploits 0, References 1, Affected Software 1

Cvelist
added 2025/07/07 4:41 p.m., 5 views

CVE-2025-1351 IBM Storage Virtualize privilege escalation

IBM Storage Virtualize 8.5, 8.6, and 8.7 products could allow a user to escalate their privileges to that of another user logging in at the same time due to a race condition in the login function...

6.7 CVSS, 0.0003 EPSS
Exploits 0, References 1

OSV
added 2025/06/24 2:15 a.m., 3 views

CVE-2025-6551

A vulnerability was found in java-aodeng Hope-Boot 1.0.0 and classified as problematic. This issue affects the function Login of the file /src/main/java/com/hope/controller/WebController.java. The manipulation of the argument errorMsg leads to cross site scripting. The attack may be initiated...

5.4 CVSS, 5.5 AI score
Exploits 0, References 5

Positive Technologies
added 2025/06/24 12:0 a.m., 4 views

PT-2025-26674 · Unknown · Java-Aodeng Hope-Boot

Name of the Vulnerable Software and Affected Versions: java-aodeng Hope-Boot version 1.0.0 Description: An issue was found in the Login function of the file /src/main/java/com/hope/controller/WebController.java. The manipulation of the errorMsg argument leads to cross-site scripting. The attack ma...

5.4 CVSS, 3.7 AI score, 0.00159 EPSS
Exploits 1, References 10

CNNVD
added 2025/06/24 12:0 a.m., 0 views

Hope-Boot input validation error vulnerability

Hope-Boot is a modern scaffolding project by the individual developer java-aodeng. An input validation error vulnerability exists in Hope-Boot version 1.0.0, which stems from mishandling of the parameter redirecturl in the doLogin function in WebController.java, which could lead to an open redire...

5.3 CVSS, 4.9 AI score, 0.00254 EPSS
Exploits 0, References 6

CNNVD
added 2025/06/23 12:0 a.m., 2 views

novel-plus security vulnerability

novel-plus is novel-reading software by the individual developer xxy. A security vulnerability exists in novel-plus version 5.1.3 and earlier, which stems from a misbehavior of the function ajaxLogin that results in authentication bypass...

6.3 CVSS, 5.8 AI score, 0.00377 EPSS
Exploits 1, References 2

RedhatCVE
added 2025/05/23 9:55 a.m., 4 views

CVE-2024-28816

Student Information Chatbot a0196ab allows SQL injection via the username to the login function in index.php...

7.1 CVSS, 8 AI score, 0.00081 EPSS
Exploits 0, References 1

RedhatCVE
added 2025/05/23 8:23 a.m., 4 views

CVE-2024-1729

A timing attack vulnerability exists in the gradio-app/gradio repository, specifically within the login function in routes.py. The vulnerability arises from the use of a direct comparison operation app.authusername == password to validate user credentials, which can be exploited to guess password...

5.9 CVSS, 7.1 AI score, 0.00082 EPSS
Exploits 1, References 1

RedhatCVE
added 2025/05/23 8:18 a.m., 1 views

CVE-2024-10371

A vulnerability classified as critical has been found in SourceCodester Payroll Management System 1.0. This affects the function login of the file main. The manipulation leads to buffer overflow. The exploit has been disclosed to the public and may be used...

9.8 CVSS, 6.8 AI score, 0.00455 EPSS
Exploits 1, References 1

RedhatCVE
added 2025/05/23 8:14 a.m., 3 views

CVE-2024-9088

A vulnerability has been found in SourceCodester Telecom Billing Management System 1.0 and classified as critical. This vulnerability affects the function login. The manipulation of the argument uname leads to buffer overflow. The exploit has been disclosed to the public and may be used...

9.8 CVSS, 6.9 AI score, 0.00178 EPSS
Exploits 1, References 1

RedhatCVE
added 2025/05/23 4:17 a.m., 7 views

CVE-2023-41594

Dairy Farm Shop Management System Using PHP and MySQL v1.1 was discovered to contain multiple SQL injection vulnerabilities in the Login function via the Username and Password parameters...

7.5 CVSS, 8.5 AI score, 0.00672 EPSS
Exploits 1

RedhatCVE
added 2025/05/23 2:13 a.m., 12 views

CVE-2023-7188

A vulnerability classified as critical has been found in Shipping 100 Fahuo100 up to 1.1. Affected is an unknown function of the file member/login.php. The manipulation of the argument Mpwd leads to sql injection. The complexity of an attack is rather high. The exploitability is told to be...

8.1 CVSS, 7.2 AI score, 0.00047 EPSS
Exploits 0, References 1

RedhatCVE
added 2025/05/22 10:8 p.m., 5 views

CVE-2022-29272

In Nagios XI through 5.8.5, an open redirect vulnerability exists in the login function that could lead to spoofing...

6.1 CVSS, 6.8 AI score, 0.04103 EPSS
Exploits 0, References 1

NVD
added 2025/05/18 6:15 p.m., 14 views

CVE-2025-4890

A vulnerability was found in code-projects Tourism Management System 1.0 and classified as critical. This issue affects the function LoginUser of the component Login User. The manipulation of the argument username/password leads to stack-based buffer overflow. Attacking locally is a requirement...

7.8 CVSS, 0.00081 EPSS
Exploits 1, References 5

CNNVD
added 2025/04/30 12:0 a.m., 1 views

Bosch Rexroth ctrlX OS security vulnerability

Bosch Rexroth ctrlX OS is a Linux-based real-time operating system from Bosch Rexroth, Germany, designed as an open control platform for industrial automation equipment. A security vulnerability exists in Bosch Rexroth ctrlX OS that stems from an improper login function that could lead to usernam...

5.3 CVSS, 6.6 AI score, 0.00108 EPSS
Exploits 0, References 1

Cvelist
added 2025/04/16 8:31 p.m., 15 views

CVE-2025-3728 SourceCodester Simple Hotel Booking System login buffer overflow

A vulnerability classified as critical was found in SourceCodester Simple Hotel Booking System 1.0. This vulnerability affects the function Login. The manipulation of the argument uname leads to buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed...

5.3 CVSS, 0.00194 EPSS
Exploits 1, References 5

Vulnrichment
added 2025/04/16 8:31 p.m., 11 views

CVE-2025-3728 SourceCodester Simple Hotel Booking System login buffer overflow

A vulnerability classified as critical was found in SourceCodester Simple Hotel Booking System 1.0. This vulnerability affects the function Login. The manipulation of the argument uname leads to buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed...

5.3 CVSS, 5.5 AI score, 0.00194 EPSS
Exploits 1, References 5

CNNVD
added 2025/04/16 12:0 a.m., 1 views

SourceCodester Simple Hotel Booking System security vulnerability

SourceCodester Simple Hotel Booking System is a SourceCodester open source simple hotel booking system. A security vulnerability exists in SourceCodester Simple Hotel Booking System version 1.0, which is caused by a buffer overflow due to incorrect manipulation of the uname parameter in the Login...

7.8 CVSS, 5.8 AI score, 0.00194 EPSS
Exploits 1, References 5

OSV
added 2025/04/03 4:15 a.m., 4 views

CVE-2025-3139

A vulnerability was found in code-projects Bus Reservation System 1.0 and classified as critical. Affected by this issue is the function Login of the component Login Form. The manipulation of the argument Str1 leads to buffer overflow. It is possible to launch the attack on the local host. The...

7.8 CVSS, 5.9 AI score, 0.00334 EPSS
Exploits 0, References 5