15 matches found
SUSE CVE-2026-28342
OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.10.2, the PasswordHash API endpoint allows unauthenticated users to trigger excessive memory allocation by sending concurrent password hashing requests. By issuing multiple parallel requests, an attacke...
GO-2026-4584 OliveTin has Unauthenticated Denial of Service via Memory Exhaustion in PasswordHash API Endpoint in github.com/OliveTin/OliveTin
OliveTin has Unauthenticated Denial of Service via Memory Exhaustion in PasswordHash API Endpoint in github.com/OliveTin/OliveTin...
CVE-2026-28342 OliveTin: Unauthenticated Denial of Service via Memory Exhaustion in PasswordHash API Endpoint
OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.10.2, the PasswordHash API endpoint allows unauthenticated users to trigger excessive memory allocation by sending concurrent password hashing requests. By issuing multiple parallel requests, an attacke...
OliveTin Security Vulnerability
OliveTin is an open-source web application developed by OliveTin. Versions of OliveTin prior to 3.00.10.2 contained security vulnerabilities. These vulnerabilities stemmed from the PasswordHash API endpoint, which allowed unverified users to trigger excessive memory allocation, potentially leadin...
GHSA-PC8G-78PF-4XRP OliveTin has Unauthenticated Denial of Service via Memory Exhaustion in PasswordHash API Endpoint
Summary The PasswordHash API endpoint allows unauthenticated users to trigger excessive memory allocation by sending concurrent password hashing requests. By issuing multiple parallel requests, an attacker can exhaust available container memory, leading to service degradation or complete denial o...
PT-2026-22700
Name of the Vulnerable Software and Affected Versions OliveTin versions prior to 3000.10.2 Description The PasswordHash API endpoint allows unauthenticated users to trigger excessive memory allocation by sending concurrent password hashing requests. Issuing multiple parallel requests can exhaust...
PT-2022-26109 · Ez Systems · Ezplatform-Graphql
Name of the Vulnerable Software and Affected Versions: ezplatform-graphql versions prior to 1.0.13 ezplatform-graphql versions prior to 2.3.12 Description: The issue concerns the exposure of password hashes of users who have created or modified content, typically administrators and editors, throu...
GetSimple CMS 3.3.4 - Information Disclosure
Exploit Title: GetSimple CMS 3.3.4 - Information Disclosure Date 01.06.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: http://get-simple.info/ Software Link: https://github.com/GetSimpleCMS/GetSimpleCMS/archive/refs/tags/v3.3.4.zip Version: 3.3.4 CVE: CVE-2014-8722 Documentation:...
PHP Email Manager - 'remove.php?ID' SQL Injection
===========================================|- Mtrb3 hena Security-Code ===========================================|- script :- PHP Email Manager Download:-http://webscripts.softpedia.com/script/Mailing-List-Managers/PHP-eMail-Manager-30652.html Dork:-PHPEmailManager Found by :- MuShTaQ from :-...
Bigware Shop 2.0 pollid Remote SQL Injection Vulnerability
No description provided by source. Bigware Shop 2.0 Bug found by D4m14n Vendor: http://www.bigware.de/ Vuln. Version: 2.0 prior versions also may be affected Email: [email protected] GoogleDork: "Diese Shopsoftware wurde entwickelt von Bigware" There's a SQL-Injection in...
bigware-sql.txt
Bigware Shop 2.0 Bug found by D4m14n Vendor: http://www.bigware.de/ Vuln. Version: 2.0 prior versions also may be affected Email: [email protected] GoogleDork: "Diese Shopsoftware wurde entwickelt von Bigware" There's a SQL-Injection in "mainbigware53.tpl.php"! You can find more than this...
Bigware Shop 2.0 - 'pollid' SQL Injection
Bigware Shop 2.0 Bug found by D4m14n Vendor: http://www.bigware.de/ Vuln. Version: 2.0 prior versions also may be affected Email: [email protected] GoogleDork: "Diese Shopsoftware wurde entwickelt von Bigware" There's a SQL-Injection in "mainbigware53.tpl.php"! You can find more than this...
Bigware Shop 2.0 pollid Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ========================================================== Bigware Shop 2.0 pollid Remote SQL Injection Vulnerability ========================================================== Bigware Shop 2.0 Bug found by D4m14n Vendor:...
Bigware Shop 2.0 - pollid SQL Injection
Bigware Shop 2.0 - pollid SQL Injection Bigware Shop 2.0 Bug found by D4m14n Vendor: http://www.bigware.de/ Vuln. Version: 2.0 prior versions also may be affected Email: [email protected] GoogleDork: "Diese Shopsoftware wurde entwickelt von Bigware" There's a SQL-Injection in...
Invision Power Board 2.0.3 - login.php SQL Injection (Tutorial)
Invision Power Board 2.0.3 - login.php SQL Injection Tutorial danica jones Tutorial for the recent exploit released by Petey Beege. 1. Get the exploit from http://www.milw0rm.com/id.php?id=1013 https://www.exploit-db.com/exploits/1013/ 2. Make sure you have LWP::UserAgent perl module if not do...