14 matches found
EUVD-2022-49386
Malicious code in bioql PyPI...
CVE-2022-46582
TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the login_name parameter in the do_graph_auth (sub_4061E0) function...
Stack overflow
TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the login_name parameter in the do_graph_auth (sub_4061E0) function...
CVE-2022-46582
CVE-2022-46582 affects TRENDnet TEW755AP (v1.13B01). A stack overflow arises in the login_name parameter of the do_graph_auth (sub_4061E0) function, per multiple sources. Documented impact indicates potential arbitrary code execution on the device; CVSS appears at 9.8 (CRITICAL). No patch/version...
CVE-2022-46582
TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the login_name parameter in the do_graph_auth (sub_4061E0) function...
CVE-2021-28842
Null Pointer Dereference vulnerability exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial of service by sending the POST request to apply_cgi via action do_graph_auth without login_name key...
Null pointer dereference
Null Pointer Dereference vulnerability exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial of service by sending the POST request to apply_cgi via action do_graph_auth without login_name key...
PHP Site Lock 2.0 Insecure Cookie Handling Vulnerability
No description provided by source. Homepage: http://www.kalptarudemos.com Product: PHP Site Lock 2.0 home: www.h4ckf0ru.com PHP Site Lock 2.0 Insecure Cookie Handling Vuln Exploit:...
CVE-2009-1362
SQL injection vulnerability in administration/index.php in chCounter 3.1.3 allows remote attackers to execute arbitrary SQL commands via the login_name parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
SQL injection
Multiple SQL injection vulnerabilities in stats/index.php in chCounter 3.1.3 allow remote attackers to execute arbitrary SQL commands via (1) the login_name parameter (aka the username field) or (2) the login_pw parameter (aka the password field)...
CVE-2009-1347
Multiple SQL injection vulnerabilities in stats/index.php in chCounter 3.1.3 allow remote attackers to execute arbitrary SQL commands via (1) the login_name parameter (aka the username field) or (2) the login_pw parameter (aka the password field)...
Cross-site scripting
Cross-site scripting (XSS) vulnerability in chcounter 3.1.3 allows remote attackers to inject arbitrary web script or HTML via the login_name parameter to /stats/...
CVE-2007-1871
CVE-2007-1871 affects chcounter 3.1.3. The vulnerability is a Cross-site Scripting (XSS) flaw in the login_name parameter to /stats/, allowing injection of arbitrary web script/HTML. Root cause: input not properly sanitized before rendering in the page. Impact: remote attackers could execute scri...
Plesk Reloaded login_up.php3 login_name Parameter XSS
The remote host is running Plesk Reloaded from SWsoft, a web-based system administration tool. The remote version of this software is vulnerable to a cross-site scripting attack because of its failure to sanitize user input to the 'login_name' parameter of the 'login_up.php3' script. This issue can...