12 matches found
CVE-2026-8803
A flaw has been found in opensourcepos Open Source Point of Sale up to 3.4.2. Impacted is the function Login of the file app/Models/Employee.php of the component Employee Login. This manipulation causes use of weak hash. Remote exploitation of the attack is possible. The attack is considered to...
CVE-2026-4021 Contest Gallery <= 28.1.5 - Unauthenticated Privilege Escalation Admin Account Takeover via Registration Confirmation Email-to-ID Type Confusion
The Contest Gallery plugin for WordPress is vulnerable to an authentication bypass leading to admin account takeover in all versions up to, and including, 28.1.5. This is due to the email confirmation handler in users-registry-check-after-email-or-pin-confirmation.php using the user's email strin...
CVE-2012-10047
CVE-2012-10047 concerns Cyclope Employee Surveillance Solution, version 6.x. A SQL injection flaw in the login flow (auth-login) arises because the username parameter is not properly sanitized, enabling an attacker to inject arbitrary SQL. According to connected documents, this can be leveraged t...
PT-2023-32444 · Byzoro · Byzoro Smart S85F Management Platform
Name of the Vulnerable Software and Affected Versions: Byzoro Smart S85F Management Platform version V31R02B10-01 Description: A problematic issue was found in the Byzoro Smart S85F Management Platform, affecting an unknown function of the file /login.php. The manipulation of the txt newpwd...
PT-2022-12294
Name of the Vulnerable Software and Affected Versions: MEPSAN's USC+ versions prior to 3.0 Description: A weakness in the login function of the affected software allows attackers to generate high-privileged account passwords. Recommendations: For versions prior to 3.0, update to version 3.0 or later...
CVE-2021-33617
Zoho ManageEngine Password Manager Pro before 11.2 11200 allows login/AjaxResponse.jsp?RequestType=GetUserDomainName&userName= username enumeration, because the response to a failed login request is null only when the username is invalid...
Weak Password Vulnerability in Tianqing Web Application Security Gateway
SkyQuest Web Application Security Gateway is a new generation of Web security protection and application delivery application security product developed by Qisda, which is used to defend against attacks targeting Web application vulnerabilities, analyze HTTP/HTTPS traffic on Web servers and...
Month Of Abysssec Undisclosed Bugs - Rainbow Portal 2.0
abysssec Inc Public Advisory 1 Advisory information Title : Rainbowportal Multiple Remote Vulnerabilities Version : Rainbow 2.0 Production/Stable 2.0.0.1881e VS 2005 | VS...
Rainbowportal Multiple Remote Vulnerabilities
Exploit for asp platform in category web applications. Rainbowportal Multiple Remote Vulnerabilities 1 Advisory information Title : Rainbowportal Multiple Remote Vulnerabilities Version : Rainbow 2.0...
rainbowportal - Multiple Vulnerabilities
rainbowportal - Multiple Vulnerabilities abysssec Inc Public Advisory 1 Advisory information Title : Rainbowportal Multiple Remote Vulnerabilities Version : Rainbow 2.0...
rainbowportal - Multiple Vulnerabilities
abysssec Inc Public Advisory 1 Advisory information Title : Rainbowportal Multiple Remote Vulnerabilities Version : Rainbow 2.0 Production/Stable 2.0.0.1881e VS 2005 | VS...
Hole in ConsoleServer (login weakness, information gathering)
Telnet does not limit the number of password entry attempts. Through the administrative connection, important information about the system can be obtained before login...