9 matches found
EUVD-2020-15577
Malware in sbrugna...
CVE-2020-22820
MKCMS V6.2 has SQL injection via the /ucenter/repass.php name parameter...
CVE-2020-22820
MKCMS V6.2 has SQL injection via the /ucenter/repass.php name parameter...
Sql injection
MKCMS V6.2 has SQL injection via the /ucenter/repass.php name parameter...
CVE-2020-22820
MKCMS V6.2 has SQL injection via the /ucenter/repass.php name parameter...
CVE-2020-22820
MKCMS V6.2 is affected by an SQL injection vulnerability in the /ucenter/repass.php endpoint, exploitable via the name parameter. The CVSS vector indicates network access, no authentication, and high impact on confidentiality, integrity, and availability (score 9.8). Several connected sources cor...
CVE-2019-11332
MKCMS 5.0 allows remote attackers to take over arbitrary user accounts by posting a username and e-mail address to ucenter/repass.php, which triggers e-mail transmission with the password, as demonstrated by 123456...
CVE-2019-11332
The CVE-2019-11332 entry concerns MKCMS 5.0. Affected component: the repass.php flow in ucenter. The issue allows remote attackers to takeover arbitrary user accounts by posting a username and e-mail address, which triggers an e‑mail containing the user’s password (demo: 123456). The Red Hat and ...
CVE-2006-6667
CVE-2006-6667: Multiple SQL injection vulnerabilities in VerliAdmin 0.3 and earlier allow remote attackers to execute arbitrary SQL via nick_mod or nick to repass.php or verify.php. The NVD entry lists a CVSSv2 base score of 7.5 (HIGH, NETWORK, LOW complexity, no auth). Connected records corrobor...