15 matches found
CVE-2025-41012 Unauthorized access vulnerability in TCMAN GIM
Unauthorized access vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an unauthenticated attacker to determine whether a user exists on the system by using the 'pda:userId' and 'pda:newPassword' parameters with 'soapaction UnlockUser' in '/WS/PDAWebService.asmx'...
EUVD-2023-33204
Malicious code in bioql PyPI...
Employee Record Management System /resetpassword.php File SQL Injection Vulnerability
Employee Record Management System is an employee record management system. Employee Record Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter newpassword in the file /resetpassword.php. An...
CVE-2025-5782
A vulnerability, which was classified as critical, has been found in PHPGurukul Employee Record Management System 1.3. Affected by this issue is some unknown functionality of the file /resetpassword.php. The manipulation of the argument newpassword leads to sql injection. The attack may be launch...
PHPGurukul Employee Record Management System Injection Vulnerability
Employee Record Management System is an employee record management system. Employee Record Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter newpassword in the file /resetpassword.php. An...
CVE-2023-29665
D-Link DIR823GV1.0.2B05 was discovered to contain a stack overflow via the NewPassword parameters in SetPasswdSettings...
D-Link DIR-823G Buffer Error Vulnerability
The D-Link DIR-823G is a wireless router from China's AUO D-Link. A buffer overflow vulnerability exists in the D-Link DIR-823G version V1.0.2B05, which originates from a boundary error in the NewPassword parameter when handling untrusted input. A remote attacker could exploit this...
CVE-2023-29665
CVE-2023-29665 affects D-Link DIR823G_V1.0.2B05. A stack overflow is triggered via the NewPassword parameter in SetPasswdSettings, caused by a boundary/input handling issue. Reported impact includes potential arbitrary code execution or denial of service, with CVSSv3.1 base score 9.8 (CRITICAL, N...
PT-2023-22354 · D Link · D-Link Dir-823G
Name of the Vulnerable Software and Affected Versions: D-Link DIR823G version 1.0.2B05 Description: A stack overflow issue was discovered via the NewPassword parameters in SetPasswdSettings. Recommendations: For D-Link DIR823G version 1.0.2B05, avoid using the NewPassword parameter in the...
CVE-2023-29665
D-Link DIR823GV1.0.2B05 was discovered to contain a stack overflow via the NewPassword parameters in SetPasswdSettings...
CVE-2020-35848
Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php newpassword function...
Agentejo Cockpit NoSQL Injection Vulnerability
Agentejo Cockpit is a self-hosted "headless" and API-driven lightweight, open source content management system. A NoSQL injection vulnerability exists in Agentejo Cockpit prior to version 0.11.2. The vulnerability can be exploited to conduct a NoSQL injection attack via the Controller/Auth.php...
PhpcmsV9 arbitrary user password modification logic vulnerability-vulnerability warning-the black bar safety net
I actually sent the first vulnerability, see Tick: PhpcmsV9 SQL injection 2013-year new year the first Mentioned pass code: parsestrsysauth$POST'data', 'DECODE', $this-applist$this-appid'authkey', $this-data; In phpssoserver/phpcms/modules/phpsso/classes/phpsso.class.php. I leave it up to yo...
CVE-2008-3758
Multiple cross-site scripting (XSS) vulnerabilities in Lussumo Vanilla 1.1.4 and earlier (1) allow remote attackers to inject arbitrary web script or HTML via the NewPassword parameter to people.php, and allow remote authenticated users to inject arbitrary web script or HTML via the (2) Account picture...
Blogator-script 0.95 Change User Password Vulnerability
No description provided by source. ...:::::Blogator-script 0.95 Change User Password Vulnerability ::::.... Virangar Security Team www.virangar.org www.virangar.net -------- Discovered By :virangar security teamhadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra & all virangar members &...