User ID Enumeration

silverstripe/framework is vulnerable to user ID Enumeration. The vulnerability is due to differing error messages: non-existent users do not receive a locked out message, which allows an attacker to infer or confirm user details that exist in the member table...

GHSA-G84Q-CQ55-XWGP silverstripe/framework member disclosure in login form

There is a user ID enumeration vulnerability in our brute force error messages. - Users that don't exist in will never get a locked out message - Users that do exist, will get a locked out message This means an attacker can infer or confirm user details that exist in the member table. This issue...

TClanPortal <= 1.1.3 (id) Remote SQL Injection Exploit

No description provided by source. TClanPortal Version 3 .. Search By Google :- by TriggerTG.de 2003 - Version 3 Gr33tz :- Abducter .. SQL Injection's FOunder - | [email protected] |- Devil-00 .. SQL Injection's Exploting - | [email protected] | - Security4Arab .. A'Where Home .. WE LOVE...

PHPCMS V9 member table of contents feel free to modify the vulnerability and fix-vulnerability warning-the black bar safety net

A variable is not initialized causing the server setting registerglobal=On when members can freely modify their own member information. Due to the need registerglobal=On support, the impact is limited.. Vulnerability relates to members can modify their own balance lead to the website may have...