6 matches found
EUVD-2025-23993
Malicious code in bioql PyPI...
CVE-2025-47872
The public-facing product registration endpoint server responds differently depending on whether the S/N is valid and unregistered, valid but already registered, or does not exist in the database. Combined with the fact that serial numbers are sequentially assigned, this allows an attacker to gai...
CVE-2025-47872 EG4 Electronics EG4 Inverters Observable Discrepancy
The public-facing product registration endpoint server responds differently depending on whether the S/N is valid and unregistered, valid but already registered, or does not exist in the database. Combined with the fact that serial numbers are sequentially assigned, this allows an attacker to gai...
CVE-2025-47872
CVE-2025-47872 affects EG4 Electronics EG4 Inverters. The public-facing product registration endpoint exposes information about serial numbers (SNs) based on their status (valid/unregistered, valid/registered, nonexistent). Because SNs are sequential, an attacker can infer the registration status...
PT-2022-19963 · Unknown · Sourcecodester Online Market Place Site
Name of the Vulnerable Software and Affected Versions: Sourcecodester Online Market Place Site version 1.0 Description: The issue allows attackers to register as a Seller and then create new products containing XSS payloads in the 'Product Title' and 'Short Description' fields. This enables Cross...
Trend Micro Encryption for Email Gateway Registration Authentication Bypass Vulnerability
This vulnerability allows remote attackers to reset the Administrator password on vulnerable installations of Trend Micro Encryption for Email Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the product registration process. T...