Lucene search
+L

122 matches found

NVD
NVD
added 2024/10/25 4:15 p.m.27 views

CVE-2024-48580

SQL Injection vulnerability in Best courier management system in php v.1.0 allows a remote attacker to execute arbitrary code via the email parameter of the login request...

9.8CVSS0.00864EPSS
Exploits1References1
OSV
OSV
added 2024/10/25 4:15 p.m.5 views

CVE-2024-48580

SQL Injection vulnerability in Best courier management system in php v.1.0 allows a remote attacker to execute arbitrary code via the email parameter of the login request...

9.8CVSS6.2AI score0.00864EPSS
Exploits1References1
CVE
CVE
added 2024/10/25 12:0 a.m.63 views

CVE-2024-48579

CVE-2024-48579 : The Red Hat/NVD/other feeds describe a SQL Injection vulnerability in the PHP-based “Best House rental management system” v1.0. The issue is exploitable via the username parameter of the login API/login request, enabling a remote attacker to manipulate the SQL and potentially exe...

9.8CVSS8.4AI score0.00864EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2024/10/25 12:0 a.m.60 views

CVE-2024-48580

CVE-2024-48580 affects Best courier management system (PHP v1.0). The vulnerability is a SQL Injection in the login request’s email parameter, enabling a remote attacker to execute arbitrary code. The CVE entry reports this as a high-severity issue with CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A...

9.8CVSS8.4AI score0.00864EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2024/05/03 2:15 a.m.13 views

CVE-2023-32152

D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within...

6.5CVSS6.6AI score0.27449EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2024/05/03 2:15 a.m.8 views

CVE-2023-32148

D-Link DIR-2640 HNAP PrivateLogin Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within...

6.5CVSS5.8AI score0.27449EPSS
Exploits0References3
OSV
OSV
added 2024/05/03 2:15 a.m.4 views

CVE-2023-32148

D-Link DIR-2640 HNAP PrivateLogin Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within...

6.5CVSS5.8AI score0.27449EPSS
Exploits0References2
CVE
CVE
added 2024/05/03 1:56 a.m.63 views

CVE-2023-32152

CVE-2023-32152 concerns a authentication bypass in the web management interface of the D-Link DIR-2640 router. Multiple connected sources confirm that a specially crafted request to the web portal (listening on TCP port 80) can bypass login, allowing network-adjacent attackers to access the devic...

6.5CVSS6.6AI score0.27449EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/05/03 1:56 a.m.37 views

CVE-2023-32152 D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability

D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within...

6.5CVSS6.8AI score0.27449EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2024/01/31 4:58 p.m.389 views

Exploit for Incorrect Authorization in Miniorange Web3_-_Crypto_Wallet_Login_\&_Nft_Token_Gating

CVE-2023-6036 POC about Wordpress plugin Web3 – Crypto wallet...

9.8CVSS6.7AI score0.01773EPSS
Exploits3
OSV
OSV
added 2024/01/17 3:15 a.m.5 views

CVE-2023-25295

A Cross Site Scripting XSS vulnerability in evewa3ajax.php in GRUEN eVEWA3 Community 31 through 53 allows attackers to obtain escalated privileges via a crafted request to the login panel...

6.1CVSS5.8AI score0.0037EPSS
Exploits1References1
Citrix
Citrix
added 2023/11/17 12:0 a.m.30 views

PVS server fail to boot with error “Login request timed out”

High percentage of PVS provisioned desktop servers fail to boot. This is the sequence of the events: 1. The servers boot with an ISO. 2. The tsbbdm.bin is downloaded from the 1st PVS on the site. 3. The streaming process fails. 4. Error pops up :“Login request timed out”. Rebooting the PVS server...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/20 12:0 a.m.305 views

Wifi Soft Unibox Administration 3.0 & 3.1 - SQL Injection

Exploit Title: Wifi Soft Unibox Administration 3.0 & 3.1 Login Page - Sql Injection Google Dork: intext:"Unibox Administration 3.1", intext:"Unibox 3.0" Date: 07/2023 Exploit Author: Ansh Jain @sudoark Author Contact : [email protected] Vendor Homepage: https://www.wifi-soft.com/ Software Link:...

9.8CVSS9.7AI score0.02084EPSS
Exploits4
Zero Day Initiative
Zero Day Initiative
added 2023/05/04 12:0 a.m.26 views

D-Link DIR-2640 HNAP PrivateLogin Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web management interface, which listens on TCP port 80 by default. ...

6.5CVSS6.9AI score0.27449EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/05/04 12:0 a.m.26 views

D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web management interface, which listens on TCP port 80 by default. ...

6.5CVSS6.9AI score0.27449EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.348 views

GeoVision Camera GV-ADR2701 Authentication Bypass

Exploit Title: GeoVision Camera GV-ADR2701 - Authentication Bypass Device name: GV-ADR2701 Date: 26 December , 2020 Exploit Author: Chan Nyein Wai Vendor Homepage: https://www.geovision.com.tw/ Software Link: https://www.geovision.com.tw/download/product/ Firmware Version: V1.0020171215 Tested on...

6.8AI score
Exploits0
OSV
OSV
added 2023/03/29 7:15 p.m.5 views

CVE-2022-43622

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of Login requests to the web management portal. When...

8.8CVSS6.2AI score0.01006EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/12/21 12:0 a.m.4 views

PT-2022-6581 · D Link · D-Link Dir-2640

Name of the Vulnerable Software and Affected Versions: D-Link DIR-2640 versions affected versions not specified Description: This issue allows network-adjacent attackers to bypass authentication on affected D-Link DIR-2640 routers. The flaw exists within the web management interface, which listen...

6.5CVSS6.9AI score0.27449EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2022/11/22 12:0 a.m.5 views

CVE-2022-38462

Silverstripe silverstripe/framework through 4.11 is vulnerable to XSS by carefully crafting a return URL on a /dev/build or /Security/login request...

6AI score0.00472EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/25 10:39 p.m.25 views

Security Bulletin: Multiple vulnerabilities in IBM InfoSphere Optim Data Growth for Oracle E-Business Suite (CVE-2013-2953, CVE-2013-2954, CVE-2013-2955, CVE-2013-2956, CVE-2013-2957, CVE-2013-2959)

Abstract Multiple vulnerabilities have been identified in the Optim E-Business Console making the product vulnerable to phishing attacks, the interception of credentials and the bypass of login entirely. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-2953 DESCRIPTION: Use of MD5 as SSL Certifica...

7.5CVSS7.3AI score0.01263EPSS
Exploits0Affected Software1
Rows per page
Query Builder