10 matches found
PT-2024-37516 · WordPress · Wps Hide Login
Name of the Vulnerable Software and Affected Versions: WPS Hide Login WordPress plugin versions prior to 1.9.16.4 Description: The issue allows an unauthenticated visitor to access the hidden login page due to the plugin not preventing redirects to the login page via the auth redirect WordPress...
PT-2024-2528 · Jetbrains · Jetbrains Teamcity +1
Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions prior to 2024.03 Description: The issue is related to an open redirect vulnerability on the login page of JetBrains TeamCity. This could allow a remote attacker to redirect a user to an arbitrary URL...
PT-2024-12880 · Unknown · Openclinic Ga
Name of the Vulnerable Software and Affected Versions: OpenClinic GA version 5.247.01 Description: A Reflected Cross-Site Scripting XSS issue has been discovered. The message parameter in the login.jsp is vulnerable. Recommendations: For OpenClinic GA version 5.247.01, avoid using the message...
PT-2024-19013
Name of the Vulnerable Software and Affected Versions vantage6 versions prior to 4.2.0 Description The vantage6 technology is used to manage and deploy privacy enhancing technologies like Federated Learning FL and Multi-Party Computation MPC. It is possible to find out usernames from the response...
PT-2023-24784 · Kyocera · Kyocera Taskalfa 4053Ci
Name of the Vulnerable Software and Affected Versions: Kyocera TASKalfa 4053ci printers through 2VG S000.002.561 Description: The issue allows identification of valid user accounts via username enumeration. This occurs because the system returns a "nicht einloggen" error rather than a "falsch"...
PT-2023-29764 · Wipotec Gmbh · Comscale
Name of the Vulnerable Software and Affected Versions: WIPOTEC GmbH ComScale versions 4.3.29.21344 through 4.4.12.723 Description: An issue in WIPOTEC GmbH ComScale allows unauthenticated attackers to login as any user without a password. Recommendations: For versions 4.3.29.21344 and 4.4.12.723,...
PT-2023-28721 · Macrob7 · Macrob7 Macs Framework Content Management System
Name of the Vulnerable Software and Affected Versions: Macrob7 Macs Framework Content Management System CMS version 1.1.4f Description: The issue is related to a PHP type confusion vulnerability due to loose comparison in the isValidLogin function during a login attempt. This vulnerability can le...
PT-2023-6846 · Glpi +2 · Glpi +2
Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.10 Description: The issue is related to the lack of path filtering on the GLPI URL, which may allow an attacker to transmit a malicious URL of the login page to attempt a phishing attack on user credentials. This c...
PT-2023-5182 · Unknown · Qms Automotive
Name of the Vulnerable Software and Affected Versions: QMS Automotive versions prior to V12.39 Description: A vulnerability has been identified in QMS Automotive that allows an attacker to enumerate usernames and identify valid usernames due to the application returning inconsistent error message...
PT-2023-25741 · Sourcecodester · Sourcecodester Insurance Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Life Insurance Management System version 1.0 Description: A critical vulnerability was found in the SourceCodester Life Insurance Management System. This issue affects the file login.php and is caused by the manipulation of the...