316 matches found
EUVD-2024-51851
Malicious code in bioql PyPI...
EUVD-2025-2672
Malicious code in bioql PyPI...
EUVD-2021-6739
Malicious code in bioql PyPI...
EUVD-2023-2056
Malicious code in bioql PyPI...
EUVD-2022-5306
Malicious code in bioql PyPI...
EUVD-2022-0658
Malicious code in bioql PyPI...
EUVD-2025-3736
Malicious code in bioql PyPI...
EUVD-2022-30286
Malicious code in bioql PyPI...
EUVD-2025-24000
Malicious code in bioql PyPI...
EUVD-2022-27517
Malicious code in bioql PyPI...
EUVD-2023-50175
Malicious code in bioql PyPI...
EUVD-2023-28513
Malicious code in bioql PyPI...
Belkin F9K1009 / F9K1010 Authentication Bypass
This repository contains a exploit for CVE‑2025‑8730, a critical Authentication Bypass vulnerability affecting the web interface of Belkin F9K1009 and F9K1010 routers. The flaw lies in the session validation logic of the /login.htm file, where improperly handled cookies or crafted requests allow...
CVE-2025-5095
Burk Technology ARC Solo's password change mechanism can be utilized without proper authentication procedures, allowing an attacker to take over the device. A password change request can be sent directly to the device's HTTP endpoint without providing valid credentials. The system does not enforc...
CVE-2025-5095
Burk Technology ARC Solo's password change mechanism can be utilized without proper authentication procedures, allowing an attacker to take over the device. A password change request can be sent directly to the device's HTTP endpoint without providing valid credentials. The system does not enforc...
CVE-2025-5095
Burk Technology ARC Solo is affected by CVE-2025-5095: the device’s password-change endpoint accepts requests without valid credentials due to missing authentication/session validation, enabling an attacker to take control of the device. Reports note high-impact outcomes (full compromise risk) wi...
PT-2025-32330 · Burk Technology · Arc Solo
Name of the Vulnerable Software and Affected Versions: Burk Technology ARC Solo affected versions not specified Description: The password change mechanism in Burk Technology ARC Solo does not require proper authentication, potentially allowing an attacker to take over the device. A password chang...
CVE-2025-50489
CVE-2025-50489 affects the PHPGurukul Student Result Management System v2.0, specifically the /srms/change-password.php component. The issue is improper session invalidation, which enables session hijacking attacks. The CVSS details indicate network access with low attack complexity and no privil...
Improper Authorization
authentik is vulnerable to Improper Authorization. The vulnerability is due to missing session validation for single-use tokens in RAC endpoints, which allows an attacker to reuse a valid token from a shared URL to access another user’s session...
CVE-2025-53938 WeGIA vulnerable to Authentication Bypass due to Missing Session Validation in multiple endpoints
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. An Authentication Bypass vulnerability was identified in the /dao/verificarrecursoscargo.php endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows unauthenticated...