6 matches found
CVE-2023-41527
Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the password2 parameter in func.php...
Hospital Management System Security Vulnerability
Hospital Management System is a hospital management system by Kishan Lal, an individual developer. A security vulnerability exists in Hospital Management System version 4: a SQL injection caused by improper handling of the password2 parameter in file...
CVE-2025-4497
A vulnerability was found in code-projects Simple Banking System up to 1.0. It has been rated as critical. This issue affects some unknown processing of the component Sign In. The manipulation of the argument password2 leads to buffer overflow. Attacking locally is a requirement. The exploit has...
CVE-2020-8494
In Kronos Web Time and Attendance webTA 3.8.x and later 3.x versions before 4.0, the com.threeis.webta.H402editUser servlet allows an attacker with Timekeeper, Master Timekeeper, or HR Admin privileges to gain unauthorized administrative privileges within the application via the empid, userid, pw...
Endian Firewall vulnerability that allows an attacker to execute arbitrary commands
This Endian Firewall vulnerability stems from a lack of sanitization of incoming data. Exploiting it allows a malicious actor to execute arbitrary commands by sending shell metacharacters through the NEWPASSWORD1 or NEWPASSWORD2 parameter in the cgi-bin/chpasswd.cgi file...
Endian Firewall OS Command Injection Vulnerability
Endian Firewall is a suite of unified risk management tools based on Red Hat Enterprise Linux. The Endian Firewall cgi-bin/chpasswd.cgi file fails to adequately filter the 'NEWPASSWORD1' and 'NEWPASSWORD2' parameters, allowing a remote attacker to submit special requests to execute arbitrary comman...