33 matches found
EUVD-2024-39113
Malicious code in bioql PyPI...
EUVD-2024-21907
Malicious code in bioql PyPI...
Small CRM Session Hijacking Vulnerability
Small CRM is a customer relationship management system. Small CRM suffers from a session hijacking vulnerability that stems from the /crm/change-password.php component not terminating a session properly. No details of the vulnerability are available at this time...
PHPGurukul Small CRM 安全漏洞
Small CRM is a customer relationship management system. Small CRM suffers from a session hijacking vulnerability that stems from the /crm/change-password.php component not terminating a session properly. No details of the vulnerability are available at this time...
PT-2025-31130 · Phpgurukul · Phpgurukul Doctor Appointment Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Doctor Appointment Management System version 1 Description: Improper session invalidation in the /doctor/change-password.php component allows attackers to execute a session hijacking attack. Recommendations: At the moment, there is...
PT-2025-31135 · Phpgurukul · Phpgurukul Student Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Student Result Management System version 2.0 Description: The application suffers from improper session invalidation within the /srms/change-password.php component. This flaw enables attackers to perform session hijacking...
PT-2025-31147 · Unknown · Phpgurukul Online Course Registration System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Course Registration version 3.1 Description: Improper session invalidation in the /crm/change-password.php component allows attackers to execute a session hijacking attack. Recommendations: Address the session invalidation...
CVE-2024-30977
An issue in Secnet Security Network Intelligent AC Management System v.1.02.040 allows a local attacker to escalate privileges via the password component...
CVE-2024-24488
An issue in Shenzen Tenda Technology CP3V2.0 V11.10.00.2311090948 allows a local attacker to obtain sensitive information via the password component...
CVE-2025-45947
An issue in phpgurukul Online Banquet Booking System V1.2 allows an attacker to execute arbitrary code via the /obbs/change-password.php file of the My Account - Change Password component...
CVE-2025-45953
A vulnerability was found in PHPGurukul Hostel Management System 2.1 in the /hostel/change-password.php file of the user panel - Change Password component. Improper handling of session data allows a Session Hijacking attack, exploitable remotely...
PT-2025-18112 · Unknown · Phpgurukul User Registration & Login/User Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul User Registration & Login and User Management System version 3.3 Description: A critical issue was found in the /loginsystem/change-password.php file of the user panel's Change Password component. Improper handling of session data...
CVE-2025-45953
A vulnerability was found in PHPGurukul Hostel Management System 2.1 in the /hostel/change-password.php file of the user panel - Change Password component. Improper handling of session data allows a Session Hijacking attack, exploitable remotely...
CVE-2025-29529
ITC Systems Multiplan/Matrix OneCard platform v3.7.4.1002 was discovered to contain a SQL injection vulnerability via the component Forgotpassword.aspx...
CVE-2025-29529
ITC Systems Multiplan/Matrix OneCard platform v3.7.4.1002 was discovered to contain a SQL injection vulnerability via the component Forgotpassword.aspx...
PT-2024-29474 · Unknown · Neuq Board
Name of the Vulnerable Software and Affected Versions: NEUQ board version 1.0 Description: A Buffer Overflow issue in the password.h component allows a remote attacker to cause a denial of service. Recommendations: For NEUQ board version 1.0, consider restricting access to the password.h componen...
CVE-2024-41631
Buffer Overflow vulnerability in host-host NEUQboard v.1.0 allows a remote attacker to cause a denial of service via the password.h component...
CVE-2024-30977
An issue in Secnet Security Network Intelligent AC Management System v.1.02.040 allows a local attacker to escalate privileges via the password component...
CVE-2024-30977
An issue in Secnet Security Network Intelligent AC Management System v.1.02.040 allows a local attacker to escalate privileges via the password component...
CVE-2024-30977
Secnet Security Network Intelligent AC Management System v1.02.040 contains a local privilege escalation via the password component. The issue is documented across multiple sources (NVD/Red Hat/CVE listings) with CVSS v3.1: AV:L/AC:L/PR:L/UI:N/S:U, C:H/I:H/A:H, score 7.8. No patch/version with fi...