18 matches found

OSV
added 2026/03/11 7:24 p.m., 8 views

GHSA-C4P7-RWRG-PF6P Shopware vulnerable to a potential take over of app credentials

Summary We identified and fixed a vulnerability in the Shopware app registration flow that could, under specific conditions, allow attackers to take over the communication channel between a shop and an app. By abusing app re‑registration, an attacker could redirect app traffic to an...

CVSS: 8.9, AI score: 5.8, EPSS: 0.00094
Exploits: 0, References: 3

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2017-9095

Malware in sbrugna...

CVSS: 8.6, AI score: 8.8, EPSS: 0.00249
Exploits: 1, References: 2

RedhatCVE
added 2025/05/23 4:32 a.m., 8 views

CVE-2023-5650

An improper privilege management vulnerability in the ZySH of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50W series firmware versions 4.16 through 5.37, USG20W-VPN series firmware versions 4.16 through 5.37, and VPN seri...

CVSS: 5.5, AI score: 6.7, EPSS: 0.00021
Exploits: 0, References: 1

RedhatCVE
added 2025/05/22 7:4 a.m., 7 views

CVE-2017-17952

PHP Scripts Mall PHP Multivendor Ecommerce has a predictable registration URL, which makes it easier for remote attackers to register with an invalid or spoofed e-mail address...

CVSS: 8.6, AI score: 7.2, EPSS: 0.00249
Exploits: 1, References: 1

Veracode
added 2024/11/05 12:51 p.m., 6 views

Unauthorized User Registration Bypass

github.com/zitadel/zitadel is vulnerable to unauthorized user registration bypass. This vulnerability is due to a missing security check when the "User Registration allowed" option is disabled, which hides the registration button but does not block direct access to the registration URL...

CVSS: 7.5, AI score: 6.6, EPSS: 0.10774
Exploits: 0, References: 15, Affected Software: 1

SUSE CVE
added 2024/11/02 3:49 a.m., 1 views

SUSE CVE-2024-49757

The open-source identity infrastructure software Zitadel allows administrators to disable the user self-registration. Due to a missing security check in versions prior to 2.64.0, 2.63.5, 2.62.7, 2.61.4, 2.60.4, 2.59.5, and 2.58.7, disabling the "User Registration allowed" option only hid the...

CVSS: 4.9, AI score: 6.7, EPSS: 0.10774
Exploits: 0, References: 5

OSV
added 2021/01/19 10:15 a.m., 1 views

CVE-2021-22852

HGiga EIP product contains SQL Injection vulnerability. Attackers can inject SQL commands into specific URL parameter online registration to obtain database schema and data...

CVSS: 8.8, AI score: 5.9
Exploits: 0, References: 2

Openbugbounty
added 2018/09/22 10:51 a.m., 66 views

escapefromtarkov.com XSS vulnerability

Open Bug Bounty ID: OBB-678987

Description | Value
---|---
Affected Website: | escapefromtarkov.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

Exploits: 0

CNVD
added 2017/12/29 12:0 a.m., 2 views

PHP Scripts Mall PHP Multivendor Ecommerce Arbitrary Registration URL Vulnerability

PHP Multivendor Ecommerce is a shopping cart software from PHP Scripts Mall built on the PHP platform that allows sellers to easily customize and sell their products. An arbitrary registration URL vulnerability exists in PHP Scripts Mall PHP Multivendor Ecommerce. A remote attacker can exploit th...

CVSS: 8.6, AI score: 7.2, EPSS: 0.00249
Exploits: 1, References: 1

NVD
added 2017/12/28 6:29 p.m., 18 views

CVE-2017-17952

PHP Scripts Mall PHP Multivendor Ecommerce has a predictable registration URL, which makes it easier for remote attackers to register with an invalid or spoofed e-mail address...

CVSS: 8.6, AI score: 8.6, EPSS: 0.00249
Exploits: 1, References: 1

CVE
added 2017/12/28 6:0 p.m., 50 views

CVE-2017-17952

The CVE-2017-17952 entry concerns PHP Scripts Mall PHP Multivendor Ecommerce, where a predictable registration URL enables remote attackers to complete registrations using invalid or spoofed email addresses. Connected sources (Red Hat, CNVD, CNVD CNVD-2018, PRION, CVE lists, etc.) corroborate the ...

CVSS: 8.6, AI score: 8.5, EPSS: 0.00249
Exploits: 1, References: 1, Affected Software: 1

Cvelist
added 2017/12/28 6:0 p.m., 21 views

CVE-2017-17952

PHP Scripts Mall PHP Multivendor Ecommerce has a predictable registration URL, which makes it easier for remote attackers to register with an invalid or spoofed e-mail address...

AI score: 8.6, EPSS: 0.00249
Exploits: 1, References: 1

CNVD
added 2017/12/28 12:0 a.m., 1 views

PHP Scripts Mall Professional Service Script Predictable Registration URL Vulnerability

Professional Service Script is a script from PHP Scripts Mall with search, task creation and task management features. A predictable registration URL vulnerability exists in PHP Scripts Mall Professional Service Script. A remote attacker could exploit this vulnerability to register with an invali...

CVSS: 5.3, AI score: 7.1, EPSS: 0.00244
Exploits: 1, References: 1

NVD
added 2017/12/27 5:8 p.m., 7 views

CVE-2017-17926

PHP Scripts Mall Professional Service Script has a predictable registration URL, which makes it easier for remote attackers to register with an invalid or spoofed e-mail address...

CVSS: 5.3, AI score: 5.4, EPSS: 0.00244
Exploits: 1, References: 1

Prion
added 2017/12/27 5:8 p.m., 11 views

Code injection

PHP Scripts Mall Professional Service Script has a predictable registration URL, which makes it easier for remote attackers to register with an invalid or spoofed e-mail address...

CVSS: 5, AI score: 5.4, EPSS: 0.00244
Exploits: 1, References: 1

CVE
added 2017/12/26 10:0 p.m., 43 views

CVE-2017-17926

CVE-2017-17926 concerns the PHP Scripts Mall Professional Service Script, where a predictable registration URL enables remote attackers to create accounts using invalid or spoofed email addresses. The description across multiple connected documents consistently identifies the vulnerability as a p...

CVSS: 5.3, AI score: 5.4, EPSS: 0.00244
Exploits: 1, References: 1, Affected Software: 1

Cvelist
added 2017/12/26 10:0 p.m., 10 views

CVE-2017-17926

PHP Scripts Mall Professional Service Script has a predictable registration URL, which makes it easier for remote attackers to register with an invalid or spoofed e-mail address...

AI score: 5.4, EPSS: 0.00244
Exploits: 1, References: 1

Openbugbounty
added 2017/06/20 12:21 p.m., 9 views

safedrivercentre.com XSS vulnerability

Vulnerable URL: http://www.safedrivercentre.com/registration.asp?RegistrationCode=1/-///'/"//--...

AI score: 6.9
Exploits: 0