Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-13389

Malware in sbrugna...

6.1CVSS6.3AI score0.00978EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 6:34 p.m.9 views

CVE-2021-3304

Sagemcom F@ST 3686 v2 3.495 devices have a buffer overflow via a long sessionKey to the goform/login URI...

9.8CVSS7.6AI score0.01261EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:42 p.m.6 views

CVE-2020-5517

CSRF in the /login URI in BlueOnyx 5209R allows an attacker to access the dashboard and perform scraping or other analysis...

6.5CVSS7AI score0.00639EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:42 a.m.7 views

CVE-2018-20849

Arastta eCommerce 1.6.2 is vulnerable to XSS via the PATHINFO to the login/ URI...

6.1CVSS5.9AI score0.00978EPSS
Exploits1References1
Prion
Prion
added 2020/06/08 5:15 p.m.14 views

Code injection

The dashboard in WhiteSource Application Vulnerability Management AVM before version 20.4.1 allows Log Injection via a %0A%0D substring in the idp parameter to the /saml/login URI. This closes the current log and creates a new log with one line of data. The attacker can also insert malicious data...

5CVSS7.5AI score0.00995EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2020/05/06 12:0 a.m.4 views

BlueOnyx 5209R Cross-Site Request Forgery Vulnerability

BlueOnyx 5209R is an open source web hosting solution. The product includes email, DNS and file transfer services, among others. A cross-site request forgery vulnerability exists in the /login URI in BlueOnyx 5209R. The vulnerability stems from a WEB application that does not adequately validate...

6.5CVSS6.9AI score0.00639EPSS
Exploits1References1
CVE
CVE
added 2020/05/05 5:5 p.m.64 views

CVE-2020-5517

CVE-2020-5517 is a CSRF vulnerability in the /login URI of BlueOnyx 5209R. The issue allows an attacker to gain access to the dashboard and perform scraping/analysis. Affected product: BlueOnyx 5209R; vulnerable component is the CSRF protection on /login. Impact: unauthorized access to the dashbo...

6.5CVSS6.4AI score0.00639EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2019/06/30 7:15 p.m.17 views

CVE-2018-20849

Arastta eCommerce 1.6.2 is vulnerable to XSS via the PATHINFO to the login/ URI...

6.1CVSS6AI score0.00978EPSS
Exploits1References1
NVD
NVD
added 2018/11/23 5:29 a.m.18 views

CVE-2018-19468

HuCart 5.7.4 has SQL injection in getip in system/class/helperclass.php via the X-Forwarded-For HTTP header to the user/index.php?load=login&act=actlogin URI...

9.8CVSS9.9AI score0.01135EPSS
Exploits1References1
Prion
Prion
added 2018/03/26 5:29 p.m.14 views

Open redirect

An issue was discovered in Open-AudIT Professional 2.1. It is possible to inject a malicious payload in the redirecturl parameter to the /login URI to trigger an open redirect. A "data:text/html;base64," payload can be used with JavaScript code...

5.8CVSS6.1AI score0.00699EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2017/10/23 8:29 a.m.13 views

Authentication flaw

An authentication bypass exists in the E-Sic 1.0 /index aka login URI via '=''or' values for the username and password...

7.5CVSS9.6AI score0.0273EPSS
Exploits0References2Affected Software1
seebug.org
seebug.org
added 2009/07/28 12:0 a.m.22 views

Allomani Mobile 2.5 Remote Blind SQL Injection Exploit

No description provided by source. ?php iniset"maxexecutiontime",0; printr' || || | || o,7 || . o7 || q||| o///, : / / . /QQQQQQQQQQQQQQQQQQQ\ q Allomani Mobile v2.5 /QQQ/\QQQ\ Blind SQL inj. exploit /QQQQQ/ \QQQQQQ\ q GET 3 /QQQQ/ QQQQ\ /QQQQ/ \QQQQ\ q http://allomani.com |QQQQ/ By Qabandi \QQQQ...

7.1AI score
Exploits0
Rows per page
Query Builder