PT-2025-47177

Name of the Vulnerable Software and Affected Versions Kashipara Ecommerce Website version 1.0 Description The Kashipara Ecommerce Website is susceptible to a SQL Injection issue through the recover email parameter in the user password recover.php file. This allows for potential unauthorized acces...

EUVD-2007-5955

Malware in sbrugna...

EUVD-2021-13965

Malware in sbrugna...

CVE-2021-27200

In WoWonder 3.0.4, remote attackers can take over any account due to the weak cryptographic algorithm in recover.php. The code parameter is easily predicted from the time of day...

Code injection

In WoWonder 3.0.4, remote attackers can take over any account due to the weak cryptographic algorithm in recover.php. The code parameter is easily predicted from the time of day...

CVE-2021-27200

In WoWonder 3.0.4, remote attackers can take over any account due to the weak cryptographic algorithm in recover.php. The code parameter is easily predicted from the time of day...

CVE-2021-27200

CVE-2021-27200 affects WoWonder 3.0.4. The issue is a weak cryptographic algorithm in recover.php, making the code parameter easily predictable from the time of day. This enables remote attackers to take over any account. The vulnerability is described consistently across multiple sources (NVD, R...

Unfixed XSS vulnerability at www.bitgamer.su

Security researcher WaR, has submitted on 04/01/2012 a cross-site-scripting XSS vulnerability affecting www.bitgamer.su, which at the time of submission ranked 30031 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 17/02/2012. It is currently...

Default credentials

account-recover.php in TorrentTrader Classic 1.09 chooses random passwords from an insufficiently large set, which makes it easier for remote attackers to obtain a password via a brute-force attack...