WordPress plugin User Verification by PickPlugins 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

CVE-2025-48952 NetAlertX has Password Bypass Vulnerability due to Loose Comparison in PHP

NetAlertX is a network, presence scanner, and alert framework. Prior to version 25.6.7, a vulnerability in the authentication logic allows users to bypass password verification using SHA-256 magic hashes, due to loose comparison in PHP. In vulnerable versions of the application, a password...

Phabricator: Multiple so called 'type juggling' attacks. Most notably PhabricatorUser::validateCSRFToken() is 'bypassable' in certain cases.

/ MONGOOSE mongoose MONGOOSE mongoose MONGOOSE mongoose MONGOOSE mongoose / The Phabricator code base is at various places vulnerable for so called 'type juggling' 1 attacks. Most notably PhabricatorUser::validateCSRFToken is 'bypassable' in certain cases. Type Juggling Since PHP's loose type...

CVE-2014-9037

WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 might allow remote attackers to obtain access to an account idle since 2008 by leveraging an improper PHP dynamic type comparison for an MD5 hash...

CVE-2014-9037

WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 might allow remote attackers to obtain access to an account idle since 2008 by leveraging an improper PHP dynamic type comparison for an MD5 hash...