36 matches found
CVE-2026-1582
The WP All Export plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.14 via the export download endpoint. This is due to a PHP type juggling vulnerability in the security token comparison which uses loose comparison == instead of strict...
CVE-2026-1582 WP All Export <= 1.4.14 - Unauthenticated Sensitive Information Exposure via PHP Type Juggling
The WP All Export plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.14 via the export download endpoint. This is due to a PHP type juggling vulnerability in the security token comparison which uses loose comparison == instead of strict...
PT-2026-20386
The WP All Export plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.14 via the export download endpoint. This is due to a PHP type juggling vulnerability in the security token comparison which uses loose comparison == instead of strict...
CVE-2020-23355
PRODUCT NOT SUPPORTED WHEN ASSIGNED Codiad 2.8.4 /componetns/user/class.user.php:Authenticate is vulnerable in magic hash authentication bypass. If encrypted or hash value for the passwords form certain formats of magic hash, e.g, 0e123, another hash value 0e234 something can successfully...
EUVD-2020-16100
Malware in sbrugna...
EUVD-2025-20092
Malicious code in bioql PyPI...
EUVD-2022-3169
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-45691
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Moodle. When restricting access to a lesson activity with a password, certain passwords could be bypassed or less secure due to a loose...
NetAlertX 安全漏洞
NetAlertX is a network intruder and presence detector from the individual developer of jokob-sk. A security vulnerability exists in NetAlertX versions prior to 25.6.7, which stems from a SHA-256 magic hash authentication bypass that could lead to login bypass...
BIT-MOODLE-2024-45691 Moodle: lesson activity password bypass through php loose comparison
A flaw was found in Moodle. When restricting access to a lesson activity with a password, certain passwords could be bypassed or less secure due to a loose comparison in the password-checking logic. This issue only affected passwords set to "magic hash" values...
CVE-2020-23352
Z-BlogPHP 1.6.0 Valyria is affected by incorrect access control. PHP loose comparison and a magic hash can be used to bypass authentication. zbuser/plugin/passwordvisit/include.php:passwordvisitinputpassword uses loose comparison to authenticate, which can be bypassed via magic hash values...
Password Bypass
moodle/moodle is vulnerable to Password Bypass. The vulnerability is due to loose comparison in the password-checking logic, allowing certain "magic hash" values to bypass password restrictions...
Moodle Lesson activity password bypass through PHP loose comparison
A flaw was found in Moodle. When restricting access to a lesson activity with a password, certain passwords could be bypassed or less secure due to a loose comparison in the password-checking logic. This issue only affected passwords set to "magic hash" values...
CVE-2024-45691
A flaw was found in Moodle. When restricting access to a lesson activity with a password, certain passwords could be bypassed or less secure due to a loose comparison in the password-checking logic. This issue only affected passwords set to "magic hash" values...
UBUNTU-CVE-2024-45691
A flaw was found in Moodle. When restricting access to a lesson activity with a password, certain passwords could be bypassed or less secure due to a loose comparison in the password-checking logic. This issue only affected passwords set to "magic hash" values...
Improper Authentication
Overview moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Improper Authentication due to a loose comparison in the password-checking logic to access the Lesson activity. Note: This only affects passwords that are set to "magic hash" values. Workaround User...
CVE-2024-45691 Moodle: lesson activity password bypass through php loose comparison
A flaw was found in Moodle. When restricting access to a lesson activity with a password, certain passwords could be bypassed or less secure due to a loose comparison in the password-checking logic. This issue only affected passwords set to "magic hash" values...
CVE-2024-45691 Moodle: lesson activity password bypass through php loose comparison
A flaw was found in Moodle. When restricting access to a lesson activity with a password, certain passwords could be bypassed or less secure due to a loose comparison in the password-checking logic. This issue only affected passwords set to "magic hash" values...
PT-2024-8661 · Moodle +2 · Moodle +2
Name of the Vulnerable Software and Affected Versions: Moodle affected versions not specified Description: The issue is related to a flaw in the authentication procedure when handling "magic hash" passwords. This flaw can allow a remote attacker to bypass the authentication process due to a loose...
Exploit for Type Confusion in Macs_Cms_Project Macs_Cms
CVE-2023-43154 - Macs Framework v1.1.4f CMS Type Confusion Vul...