13 matches found
EUVD-2021-24272
Malware in sbrugna...
CVE-2021-37791
MyAdmin v1.0 is affected by an incorrect access control vulnerability in viewing personal center in /api/user/userData?userCode=admin...
CVE-2021-37791
MyAdmin v1.0 is affected by an incorrect access control vulnerability in viewing personal center in /api/user/userData?userCode=admin...
CVE-2021-37791
MyAdmin v1.0 is affected by an incorrect access control vulnerability in viewing personal center in /api/user/userData?userCode=admin...
Improper access control
MyAdmin v1.0 is affected by an incorrect access control vulnerability in viewing personal center in /api/user/userData?userCode=admin...
CVE-2021-37791
CVE-2021-37791 affects MyAdmin v1.0 and is caused by an incorrect access control in the /api/user/userData?userCode=admin endpoint, exposing personal center data. The NVD entry lists CVSSv2 4.0 (MEDIUM) and CVSSv3.1 4.9 (MEDIUM); impact is confidentiality-only in CVSSv2 and high confidentiality i...
CVE-2021-37791
MyAdmin v1.0 is affected by an incorrect access control vulnerability in viewing personal center in /api/user/userData?userCode=admin...
PT-2022-10670 · Myadmin · Myadmin
Name of the Vulnerable Software and Affected Versions: MyAdmin version 1.0 Description: The issue is related to an incorrect access control vulnerability in viewing the personal center. This vulnerability is exploited through the "/api/user/userData" endpoint, specifically when the userCode is se...
MyAdmin 安全漏洞
MyAdmin is a backend management system for cdfan personal developers. A security vulnerability exists in MyAdmin v1.0, which stems from an incorrect access control vulnerability when viewing the Personal Center in /api/user/userData?userCode=admin...
SQL injection relating to data display
More info at https://www.phpmyadmin.net/security/PMASA-2020-4/...
[SECURITY] Fedora 26 Update: php-phpmyadmin-motranslator-4.0-1.fc26
Translation API for PHP using Gettext MO files. Features All strings are stored in memory for fast lookup Fast loading of MO files Low level API for reading MO files Emulation of Gettext API No use of eval for plural equation Limitations Not suitable for huge MO files which you don't want to stor...
Mail.ru: [my.mail.ru] HTML injection в письмах от [email protected]
1 Создаем группу и приглашаем в нее пользователей https://my.mail.ru/my/editcommunity 2 Меняем название группы на !-- 3 Устанавливаем пользователям права модератора или смотрителя https://my.mail.ru/community/blahblahgroup/communityaccess 4 Откатываем права и меняем название назад В результате...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in myadmin/index.php in NextAge Shopping Cart allow remote attackers to inject arbitrary web script or HTML via the 1 username and 2 password parameters...