35 matches found
CVE-2024-9894 code-projects Blood Bank System reset.php sql injection
A vulnerability, which was classified as critical, was found in code-projects Blood Bank System 1.0. Affected is an unknown function of the file reset.php. The manipulation of the argument useremail leads to SQL injection. It is possible to launch the attack remotely. The exploit has been disclos...
Privilege Escalation
idno/known is vulnerable to Privilege Escalation. The vulnerability exists due to the lack of validation in the password reset token in the getContent function of Reset.php, allowing an attacker to perform account takeover through password reset poisoning by providing a malicious HTTP header...
CVE-2020-12735
reset.php in DomainMOD 4.13.0 uses insufficient entropy for password reset requests, leading to account takeover...
Design/Logic Flaw
reset.php in DomainMOD 4.13.0 uses insufficient entropy for password reset requests, leading to account takeover...
ServerZilla 1.0 - email SQL Injection
ServerZilla 1.0 - email SQL Injection Exploit Title: ServerZilla 1.0 - 'email' SQL Injection Dork: N/A Date: 2018-11-08 Exploit Author: Ihsan Sencan Vendor Homepage: https://serverzilla.sourceforge.io/ Software Link: https://ayera.dl.sourceforge.net/project/serverzilla/ServerZillasrc.zip Version:...
ServerZilla 1.0 SQL Injection
Exploit Title: ServerZilla 1.0 - 'email' SQL Injection Dork: N/A Date: 2018-11-08 Exploit Author: Ihsan Sencan Vendor Homepage: https://serverzilla.sourceforge.io/ Software Link: https://ayera.dl.sourceforge.net/project/serverzilla/ServerZillasrc.zip Version: 1.0 Category: Webapps Tested on:...
ServerZilla 1.0 - 'email' SQL Injection
Exploit Title: ServerZilla 1.0 - 'email' SQL Injection Dork: N/A Date: 2018-11-08 Exploit Author: Ihsan Sencan Vendor Homepage: https://serverzilla.sourceforge.io/ Software Link: https://ayera.dl.sourceforge.net/project/serverzilla/ServerZillasrc.zip Version: 1.0 Category: Webapps Tested on:...
Cross-site request forgery (CSRF)
In SimpleRisk 20170614-001, a CSRF attack on reset.php aka the Send Password Reset Email form can insert XSS sequences via the user parameter...
CVE-2017-10711
In SimpleRisk 20170614-001, a CSRF attack on reset.php aka the Send Password Reset Email form can insert XSS sequences via the user parameter...
Free Hosting Manager 2.0.2 - Multiple SQLi
No description provided by source. Software : Free Hosting Manager V2.0.2 Multiple SQLi Author : Saadat Ullah , [email protected] Author home : http://security-geeks.blogspot.com Date : 23/3/13 Vendors :...
Free Hosting Manager 2.0.2 - Multiple SQL Injections
Free Hosting Manager 2.0.2 - Multiple SQL Injections Software : Free Hosting Manager V2.0.2 Multiple SQLi Author : Saadat Ullah , [email protected] Author home : http://security-geeks.blogspot.com Date : 23/3/13...
Joomla! reset.php Reset Token Validation Forgery
The version of Joomla! running on the remote host is affected by a password reset vulnerability in components/comuser/models/reset.php script due to improper validation of user-supplied input to the 'token' parameter before using it to construct database queries in the confirmReset function. An...
Joomla 1.5.x (Token) Remote Admin Change Password Vulnerability
No description provided by source. Joomla 1.5.x Remote Admin Password Change Author: d3m0n [email protected] Greets: GregStar, gorion, d3d!k Polish "hackers" used this bug to deface turkish sites BUAHAHHA nice 0-day pff File : /components/comuser/controller.php Line : 379-399 function confirmreset //...