53 matches found
CVE-2017-18573
The simple-login-log plugin before 1.1.2 for WordPress has SQL injection...
EUVD-2019-4880
Malware in sbrugna...
EUVD-2025-4487
Malicious code in bioql PyPI...
EUVD-2025-25356
Malicious code in bioql PyPI...
CVE-2025-49438
Deserialization of Untrusted Data vulnerability in Max Chirkov Simple Login Log allows Object Injection. This issue affects Simple Login Log: from n/a through 1.1.3...
CVE-2025-49438
Deserialization of Untrusted Data vulnerability in Max Chirkov Simple Login Log allows Object Injection. This issue affects Simple Login Log: from n/a through 1.1.3...
CVE-2025-49438 WordPress Simple Login Log plugin <= 1.1.3 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Max Chirkov Simple Login Log allows Object Injection. This issue affects Simple Login Log: from n/a through 1.1.3...
CVE-2025-49438 WordPress Simple Login Log plugin <= 1.1.3 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Max Chirkov Simple Login Log allows Object Injection. This issue affects Simple Login Log: from n/a through 1.1.3...
PT-2025-33956 · Unknown · Simple-Login-Log
Name of the Vulnerable Software and Affected Versions: Simple Login Log versions through 1.1.3 Description: Deserialization of untrusted data in Simple Login Log allows object injection. Recommendations: Update Simple Login Log to a version later than 1.1.3...
WordPress plugin和WordPress 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
WordPress Simple Login Log plugin <= 1.1.3 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by mcdruid in WordPress Plugin Simple Login Log versions = 1.1.3...
CVE-2017-20056
A vulnerability was found in weblizar User Login Log Plugin 2.2.1. It has been classified as problematic. Affected is an unknown function. The manipulation leads to basic cross site scripting Stored. It is possible to launch the attack remotely. The exploit has been disclosed to the public and ma...
CVE-2024-55159
GFast between v2 to v3.2 was discovered to contain a SQL injection vulnerability via the SortName parameter at /system/loginLog/list...
CVE-2024-55159
GFast v2–v3.2 contains a SQL injection vulnerability in the SortName parameter exposed at /system/loginLog/list. Affected versions are 2 through 3.2. The issue is evidenced in multiple sources (e.g., PT-2025-7444) with a recommended workaround: restrict access to the /system/loginLog/list endpoin...
CVE-2024-55159
GFast between v2 to v3.2 was discovered to contain a SQL injection vulnerability via the SortName parameter at /system/loginLog/list...
PT-2025-7444 · Gfast · Gfast
Name of the Vulnerable Software and Affected Versions: GFast versions 2 through 3.2 Description: A SQL injection issue was discovered via the SortName parameter at the "/system/loginLog/list" API endpoint. This allows for potential exploitation. Recommendations: For versions 2 through 3.2, as a...
CVE-2024-42349 FOG has a Log Information Disclosure
FOG is a cloning/imaging/rescue suite/inventory management system. FOG Server 1.5.10.41.4 and earlier can leak authorized and rejected logins via logs stored directly on the root of the web server. FOG Server creates 2 logs on the root of the web server fogloginaccepted.log and fogloginfailed.log...
WordPress plugin User Login Log cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2017-20056
A vulnerability was found in weblizar User Login Log Plugin 2.2.1. It has been classified as problematic. Affected is an unknown function. The manipulation leads to basic cross site scripting Stored. It is possible to launch the attack remotely. The exploit has been disclosed to the public and ma...
CVE-2017-20056
A vulnerability was found in weblizar User Login Log Plugin 2.2.1. It has been classified as problematic. Affected is an unknown function. The manipulation leads to basic cross site scripting Stored. It is possible to launch the attack remotely. The exploit has been disclosed to the public and ma...