GHSA-2P6R-X3VV-XQM2 rpassword affected by partial password reveal when input is interrupted

rpassword maintainers were made aware of a possible issue with a partial password reveal when input is interrupted. To quote @squell: @conradkleinespel I've confirmed this problem with SequoiaPGP, which I think uses rpassword, e.g.: Suppose we use pkill -9 sq in a different terminal right after t...

rpassword affected by partial password reveal when input is interrupted

rpassword maintainers were made aware of a possible issue with a partial password reveal when input is interrupted. To quote @squell: @conradkleinespel I've confirmed this problem with SequoiaPGP, which I think uses rpassword, e.g.: Suppose we use pkill -9 sq in a different terminal right after t...

CVE-2025-51567

A SQL Injection was found in the /exam/user/profile.php page of kashipara Online Exam System V1.0, which allows remote attackers to execute arbitrary SQL command to get unauthorized database access via the rname, rcollage, rnumber, rgender and rpassword parameters in a POST HTTP request...

CVE-2025-51567

A SQL Injection was found in the /exam/user/profile.php page of kashipara Online Exam System V1.0, which allows remote attackers to execute arbitrary SQL command to get unauthorized database access via the rname, rcollage, rnumber, rgender and rpassword parameters in a POST HTTP request...

Kashipara Online Exam System 安全漏洞

Kashipara Online Exam System is an online exam system from Kashipara. A security vulnerability exists in version V1.0 of the kashipara Online Exam System, which originates from unvalidated parameters rname, rcollage, rnumber, rgender, and rpassword in the /exam/user/profile.php page, which could...

CVE-2025-51567

A SQL Injection was found in the /exam/user/profile.php page of kashipara Online Exam System V1.0, which allows remote attackers to execute arbitrary SQL command to get unauthorized database access via the rname, rcollage, rnumber, rgender and rpassword parameters in a POST HTTP request...

EUVD-2026-1912

A SQL Injection was found in the /exam/user/profile.php page of kashipara Online Exam System V1.0, which allows remote attackers to execute arbitrary SQL command to get unauthorized database access via the rname, rcollage, rnumber, rgender and rpassword parameters in a POST HTTP request...

CVE-2025-51567

CVE-2025-51567 affects Kashipara Online Exam System V1.0. The vulnerability is an SQL Injection in the /exam/user/profile.php page. The issue is triggered via POST parameters rname, rcollage, rnumber, rgender, and rpassword, allowing remote attackers to execute arbitrary SQL commands and potentia...

CVE-2025-63531

A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the receiverLogin.php component. The application fails to properly sanitize user-supplied input in SQL queries, allowing an attacker to inject arbitrary SQL code. By manipulating the remail and rpassword fields, a...

CVE-2025-63533

A cross-site scripting XSS vulnerability exists in the Blood Bank Management System 1.0 within the updateprofile.php and rprofile.php components. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript...

CVE-2025-63531

A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the receiverLogin.php component. The application fails to properly sanitize user-supplied input in SQL queries, allowing an attacker to inject arbitrary SQL code. By manipulating the remail and rpassword fields, a...

CVE-2025-63531

Blood Bank Management System 1.0 is affected in the receiverLogin.php component by a SQL injection flaw due to improper sanitization of input in SQL queries. An attacker can manipulate remail and rpassword to bypass authentication and gain unauthorized access. Public reports (Red Hat CVE, NVD, et...

EUVD-2025-199995

A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the receiverLogin.php component. The application fails to properly sanitize user-supplied input in SQL queries, allowing an attacker to inject arbitrary SQL code. By manipulating the remail and rpassword fields, a...

EUVD-2025-199993

A cross-site scripting XSS vulnerability exists in the Blood Bank Management System 1.0 within the updateprofile.php and rprofile.php components. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript...

PT-2025-48460

Name of the Vulnerable Software and Affected Versions Blood Bank Management System version 1.0 Description A SQL injection issue exists in the Blood Bank Management System 1.0 within the receiverLogin.php component. The application does not properly sanitize user-supplied input used in SQL querie...

CVE-2025-45321

kashipara Online Service Management Portal V1.0 is vulnerable to SQL Injection in /osms/Requester/Requesterchangepass.php via the parameter: rPassword...

CVE-2025-45321

kashipara Online Service Management Portal V1.0 is vulnerable to SQL Injection in /osms/Requester/Requesterchangepass.php via the parameter: rPassword...

Kashipara Online Service Management Portal 安全漏洞

Kashipara Online Service Management Portal is an online service management portal from Kashipara. A security vulnerability exists in Kashipara Online Service Management Portal version V1.0, which stems from improper handling of the rPassword parameter in the /osms/Requester/Requesterchangepass.ph...

PT-2025-19718 · Unknown · Kashipara Online Service Management Portal

Name of the Vulnerable Software and Affected Versions: kashipara Online Service Management Portal version V1.0 Description: The issue concerns a SQL Injection vulnerability in the /osms/Requester/Requesterchangepass.php endpoint, specifically via the rPassword parameter. Recommendations: For...

CVE-2023-46017

SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'remail' and 'rpassword' parameters...