9 matches found
EUVD-2018-13389
Malware in sbrugna...
CVE-2021-3304
Sagemcom F@ST 3686 v2 3.495 devices have a buffer overflow via a long sessionKey to the goform/login URI...
CVE-2020-5517
CSRF in the /login URI in BlueOnyx 5209R allows an attacker to access the dashboard and perform scraping or other analysis...
CVE-2018-20849
Arastta eCommerce 1.6.2 is vulnerable to XSS via the PATHINFO to the login/ URI...
BlueOnyx 5209R Cross-Site Request Forgery Vulnerability
BlueOnyx 5209R is an open source web hosting solution. The product includes email, DNS and file transfer services, among others. A cross-site request forgery vulnerability exists in the /login URI in BlueOnyx 5209R. The vulnerability stems from a web application that does not adequately validate...
CVE-2018-20849
Arastta eCommerce 1.6.2 is vulnerable to XSS via the PATHINFO to the login/ URI...
CVE-2018-19468
HuCart 5.7.4 has SQL injection in getip in system/class/helperclass.php via the X-Forwarded-For HTTP header to the user/index.php?load=login&act=actlogin URI...
Open redirect
An issue was discovered in Open-AudIT Professional 2.1. It is possible to inject a malicious payload in the redirecturl parameter to the /login URI to trigger an open redirect. A "data:text/html;base64," payload can be used with JavaScript code...
Authentication flaw
An authentication bypass exists in the E-Sic 1.0 /index aka login URI via '=''or' values for the username and password...