122 matches found
CVE-2024-48580
SQL Injection vulnerability in Best courier management system in php v.1.0 allows a remote attacker to execute arbitrary code via the email parameter of the login request...
CVE-2024-48580
SQL Injection vulnerability in Best courier management system in php v.1.0 allows a remote attacker to execute arbitrary code via the email parameter of the login request...
CVE-2024-48579
CVE-2024-48579 : The Red Hat/NVD/other feeds describe a SQL Injection vulnerability in the PHP-based “Best House rental management system” v1.0. The issue is exploitable via the username parameter of the login API/login request, enabling a remote attacker to manipulate the SQL and potentially exe...
CVE-2024-48580
CVE-2024-48580 affects Best courier management system (PHP v1.0). The vulnerability is a SQL Injection in the login request’s email parameter, enabling a remote attacker to execute arbitrary code. The CVE entry reports this as a high-severity issue with CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A...
CVE-2023-32152
D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within...
CVE-2023-32148
D-Link DIR-2640 HNAP PrivateLogin Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within...
CVE-2023-32148
D-Link DIR-2640 HNAP PrivateLogin Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within...
CVE-2023-32152
CVE-2023-32152 concerns a authentication bypass in the web management interface of the D-Link DIR-2640 router. Multiple connected sources confirm that a specially crafted request to the web portal (listening on TCP port 80) can bypass login, allowing network-adjacent attackers to access the devic...
CVE-2023-32152 D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability
D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within...
Exploit for Incorrect Authorization in Miniorange Web3_-_Crypto_Wallet_Login_\&_Nft_Token_Gating
CVE-2023-6036 POC about Wordpress plugin Web3 – Crypto wallet...
CVE-2023-25295
A Cross Site Scripting XSS vulnerability in evewa3ajax.php in GRUEN eVEWA3 Community 31 through 53 allows attackers to obtain escalated privileges via a crafted request to the login panel...
PVS server fail to boot with error “Login request timed out”
High percentage of PVS provisioned desktop servers fail to boot. This is the sequence of the events: 1. The servers boot with an ISO. 2. The tsbbdm.bin is downloaded from the 1st PVS on the site. 3. The streaming process fails. 4. Error pops up :“Login request timed out”. Rebooting the PVS server...
Wifi Soft Unibox Administration 3.0 & 3.1 - SQL Injection
Exploit Title: Wifi Soft Unibox Administration 3.0 & 3.1 Login Page - Sql Injection Google Dork: intext:"Unibox Administration 3.1", intext:"Unibox 3.0" Date: 07/2023 Exploit Author: Ansh Jain @sudoark Author Contact : [email protected] Vendor Homepage: https://www.wifi-soft.com/ Software Link:...
D-Link DIR-2640 HNAP PrivateLogin Authentication Bypass Vulnerability
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web management interface, which listens on TCP port 80 by default. ...
D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web management interface, which listens on TCP port 80 by default. ...
GeoVision Camera GV-ADR2701 Authentication Bypass
Exploit Title: GeoVision Camera GV-ADR2701 - Authentication Bypass Device name: GV-ADR2701 Date: 26 December , 2020 Exploit Author: Chan Nyein Wai Vendor Homepage: https://www.geovision.com.tw/ Software Link: https://www.geovision.com.tw/download/product/ Firmware Version: V1.0020171215 Tested on...
CVE-2022-43622
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of Login requests to the web management portal. When...
PT-2022-6581 · D Link · D-Link Dir-2640
Name of the Vulnerable Software and Affected Versions: D-Link DIR-2640 versions affected versions not specified Description: This issue allows network-adjacent attackers to bypass authentication on affected D-Link DIR-2640 routers. The flaw exists within the web management interface, which listen...
CVE-2022-38462
Silverstripe silverstripe/framework through 4.11 is vulnerable to XSS by carefully crafting a return URL on a /dev/build or /Security/login request...
Security Bulletin: Multiple vulnerabilities in IBM InfoSphere Optim Data Growth for Oracle E-Business Suite (CVE-2013-2953, CVE-2013-2954, CVE-2013-2955, CVE-2013-2956, CVE-2013-2957, CVE-2013-2959)
Abstract Multiple vulnerabilities have been identified in the Optim E-Business Console making the product vulnerable to phishing attacks, the interception of credentials and the bypass of login entirely. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-2953 DESCRIPTION: Use of MD5 as SSL Certifica...