EUVD-2009-0741

Malware in sbrugna...

EUVD-2009-3774

Malware in sbrugna...

CVE-2020-6956

PCS DEXICON 3.4.1 allows XSS via the loginName parameter in loginaction.jsp...

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure through the normalization of the loginname attribute. An attacker can determine if a username exists in the system by observing the response behavior during the login process. Remediation Upgrade...

CVE-2024-9048

A vulnerability was found in yproject RuoYi up to 4.7.9. It has been declared as problematic. Affected by this vulnerability is the function SysUserServiceImpl of the file ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java of the component Backend User Import. The...

RuoYi 跨站脚本漏洞

RuoYi is a backend management system developed by a Chinese individual developer, RuoYi. A cross-site scripting vulnerability exists in RuoYi 4.7.9 and earlier versions, which stems from improper handling of the loginName parameter in the user import function in the backend, resulting in a...

Cross-Site Scripting (XSS)

froxlor/froxlor is vulnerable to Cross-Site Scripting. The vulnerability is due to inadequate sanitization of user input in the loginname parameter during failed login attempts, which allows attackers to inject and store malicious scripts that are executed when an administrator views the System...

CVE-2018-11012

ruibaby Halo 0.0.2 has stored XSS via the loginName and loginPwd parameters in a failed login attempt to AdminController.java...

Cross site scripting

ruibaby Halo 0.0.2 has stored XSS via the loginName and loginPwd parameters in a failed login attempt to AdminController.java...

CVE-2018-11012

ruibaby Halo 0.0.2 has stored XSS via the loginName and loginPwd parameters in a failed login attempt to AdminController.java...

ZOHO ManageEngine Recovery Manager Plus Cross-Site Scripting Vulnerability

ZOHO ManageEngine Recovery Manager Plus is a backup and disaster recovery solution from ZOHO. The solution is capable of backing up and recovering Active Directory, virtual environments, Windows servers and more. A cross-site scripting vulnerability exists in ZOHO ManageEngine Recovery Manager...

CVE-2018-9163

A stored Cross-site scripting XSS vulnerability in Zoho ManageEngine Recovery Manager Plus before 5.3 Build 5350 allows remote authenticated users with Add New Technician permissions to inject arbitrary web script or HTML via the loginName field to technicianAction.do...

Cobham Sea Tel Information Disclosure Vulnerability

Cobham Sea Tel is a suite of wireless communication terminals from Cobham UK. An information disclosure vulnerability exists in Cobham Sea Tel version 121 build 222701. An attacker can exploit this vulnerability by reading the loginName line in the js/userLogin.js URI to obtain sensitive...

Default credentials

Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information about valid usernames by reading the loginName lines at the js/userLogin.js URI. NOTE: default passwords for the standard usernames are listed in the product's documentation: Dealer with...

CVE-2018-5266

Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information about valid usernames by reading the loginName lines at the js/userLogin.js URI. NOTE: default passwords for the standard usernames are listed in the product's documentation: Dealer with...

CVE-2018-5266

Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information about valid usernames by reading the loginName lines at the js/userLogin.js URI. NOTE: default passwords for the standard usernames are listed in the product's documentation: Dealer with...

CVE-2018-5266

Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information about valid usernames by reading the loginName lines at the js/userLogin.js URI. NOTE: default passwords for the standard usernames are listed in the product's documentation: Dealer with...

CVE-2016-6840

Cross-site scripting XSS vulnerability in the management interface in Huawei OceanStor ISM before V200R001C04SPC200 allows remote attackers to inject arbitrary web script or HTML via the loginName parameter to cgi-bin/doLoginCgiEntry and possibly other unspecified vectors...

CVE-2016-6840

Cross-site scripting XSS vulnerability in the management interface in Huawei OceanStor ISM before V200R001C04SPC200 allows remote attackers to inject arbitrary web script or HTML via the loginName parameter to cgi-bin/doLoginCgiEntry and possibly other unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in the management interface in Huawei OceanStor ISM before V200R001C04SPC200 allows remote attackers to inject arbitrary web script or HTML via the loginName parameter to cgi-bin/doLoginCgiEntry and possibly other unspecified vectors...