CVE-2025-65899

Kalmia CMS version 0.2.0 contains a user enumeration vulnerability in its authentication mechanism. The application returns different error messages for invalid users usernotfound versus valid users with incorrect passwords invalidpassword. This observable response discrepancy allows...

PT-2025-49144

Name of the Vulnerable Software and Affected Versions Kalmia CMS version 0.2.0 Description The application exhibits a user enumeration issue in its authentication process. Different error messages are returned depending on whether a user exists or not, or if the password is incorrect. Specificall...

Dinstar Monitoring Platform SQL注入漏洞

Gansu Province Dangerous Goods Depot Monitoring Platform is a digital management system for real-time monitoring of dangerous goods storage and transportation. There is a SQL injection vulnerability in the Gansu Dangerous Goods Depot Monitoring Platform of Shenzhen Dingxintongda Technology Co.,...

XenMobile: Unable to enroll devices Error: "Username and Password are Incorrect"

User is unable to enroll in XenMobile After entering username and password in SecureHub usersreceive the error: "Incorrect Username and Password are Incorrect" Users are able to authenticate in windows with the same credentials...

WordPress Essential Addons for Elementor plugin <= 5.9.13 - Authenticated (Author+) PHP Object Injection via error_resetpassword vulnerability

Authenticated Author+ PHP Object Injection via errorresetpassword vulnerability discovered by Ngô Thiên An ancorn in WordPress Plugin Essential Addons for Elementor versions = 5.9.13...

Unable to set up HA in GUI after upgrading to 14.1

After upgrading to 14.1 4.42, when trying to add HA node from GUI, the following error will be thrown even RPC password is correct. Changing RPC password from GUI will not help to resolve this issue...

September 6, 2022, update for Office 2016 (KB5002251)

September 6, 2022, update for Office 2016 KB5002251 This article describes update 5002251 for Microsoft Office 2016 that was released on September 6, 2022.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2016. It doesn't app...

Unable to login to Citrix Access Gateway Vserver using RADIUS DUO Authentication

Incorrect user name and password via NetScaler - can't login...

Invalid password "nsgslbautosync: unable to establish master SSH connection: master process exited"

After changing the RPC passwords on our Netscalers, GSLB synchronization fails. Reverting to the default passwords allows GSLB sync to function. A non-default password is desired. Errors in the ns.log: "nsgslbautosync: Error executing command on gslb site...Reason: Error: Invalid username or...

Starbucks: Create New User Whilst Logged On

The website www.teavana.com allows users already logged on to create new account with a very simple url redirect. When an account is created a page is displayed with your account information and what you want to update. By simply refreshing the page allows you to create a new account whilst still...