CVE-2021-3118

EVOLUCARE ECSIMAGING aka ECS Imaging through 6.21.5 has multiple SQL Injection issues in the login form and the password-forgotten form such as /reqpassworduser.php?email=. This allows an attacker to steal data in the database and obtain access to the application. The database component runs as...

Sql injection

UNSUPPORTED WHEN ASSIGNED EVOLUCARE ECSIMAGING aka ECS Imaging through 6.21.5 has multiple SQL Injection issues in the login form and the password-forgotten form such as /reqpassworduser.php?email=. This allows an attacker to steal data in the database and obtain access to the application. The...

CVE-2021-3118

EVOLUCARE ECSIMAGING aka ECS Imaging through 6.21.5 has multiple SQL Injection issues in the login form and the password-forgotten form such as /reqpassworduser.php?email=. This allows an attacker to steal data in the database and obtain access to the application. The database component runs as...

CVE-2021-3118

EVOLUCARE ECSIMAGING (aka ECS Imaging) vulnerable up to version 6.21.5 due to multiple SQL Injection flaws in the login form and the password-forgotten form (e.g., /req_password_user.php?email=). The database component runs as root, enabling data theft and potential full access to the application...

UBUNTU-CVE-2020-7996

htdocs/user/passwordforgotten.php in Dolibarr 10.0.6 allows XSS via the Referer HTTP header...

CVE-2009-5076

CRE Loaded before 6.2.14, and possibly other versions before 6.3.x, allows remote attackers to bypass authentication and gain administrator privileges via a request with 1 login.php or 2 passwordforgotten.php appended as the PATHINFO, which bypasses a check that uses PHPSELF, which is not properl...

VulnCheck KEV: CVE-2009-5076

CRE Loaded before 6.2.14, and possibly other versions before 6.3.x, allows remote attackers to bypass authentication and gain administrator privileges via a request with 1 login.php or 2 passwordforgotten.php appended as the PATHINFO, which bypasses a check that uses PHPSELF, which is...

PT-2011-1330 · Cre Loaded · Cre Loaded

Name of the Vulnerable Software and Affected Versions: CRE Loaded versions prior to 6.3.x CRE Loaded version 6.2.14 and earlier Description: The issue allows remote attackers to bypass authentication and gain administrator privileges. This is achieved by sending a request with specific PHP files,...

NOD32 control center is password forgotten solution-vulnerability warning-the black bar safety net

DRL Zeroliz Many of my friends have used NOD32, this excellent anti-virus software, however, if the Control Center have set a password, but rather and the password is forgotten? Look here. Delete the registry a little content on it. HKEYLOCALMACHINE\SOFTWARE\Eset\Nod\CurrentVersion\Info "PackageI...