13 matches found

Cvelist
added 2026/06/10 10:23 p.m., 27 views

CVE-2026-46645 SQLAdmin: Authorization Bypass on `ajax_lookup`

SQLAdmin is a flexible Admin interface for SQLAlchemy models. Prior to version 0.25.1, the `ajax_lookup` endpoint in application.py bypasses the `is_accessible` access control check that all other endpoints enforce. If a developer restricts model access by overriding `is_accessible`, an authenticated user...

4.3 CVSS, 0.00279 EPSS
Exploits: 1, References: 4
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2005-0641

Malware in sbrugna...

4.6 CVSS, 6.4 AI score, 0.00355 EPSS
Exploits: 0, References: 3
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2018-11150

Malware in sbrugna...

4.8 CVSS, 5.1 AI score, 0.00933 EPSS
Exploits: 1, References: 6
RedhatCVE
added 2025/05/22 7:35 a.m., 5 views

CVE-2018-19461

admin\db\DoSql.php in EmpireCMS through 7.5 allows XSS via crafted SQL syntax to admin/admin.php...

4.8 CVSS, 6.5 AI score, 0.00933 EPSS
Exploits: 1, References: 1
0day.today
added 2020/05/26 12:0 a.m., 127 views

Plesk/myLittleAdmin - ViewState .NET Deserialization Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule VIEWSTATEGENERATOR = 'CA0B0334'.freeze VIEWSTATEVALIDATIONKEY = "\x5c\x7e\xef\x66\x50\x63\x9d\x2c\xb8\xfa\xa0\xda\x36\xaf\x24\x45\x2d\xcf" ...

9.8 CVSS, 0.7 AI score, 0.77635 EPSS
Exploits: 5
Packet Storm
added 2020/05/22 12:0 a.m., 363 views

Plesk / myLittleAdmin ViewState .NET Deserialization

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule VIEWSTATEGENERATOR = 'CA0B0334'.freeze VIEWSTATEVALIDATIONKEY = "\x5c\x7e\xef\x66\x50\x63\x9d\x2c\xb8\xfa\xa0\xda\x36\xaf\x24\x45\x2d\xcf" ...

7.5 CVSS, 0.6 AI score, 0.77635 EPSS
Exploits: 5
exploitpack
added 2017/08/10 12:0 a.m., 76 views

Red-Gate SQL Monitor 3.10 4.2 - Authentication Bypass

Red-Gate SQL Monitor 3.10 4.2 - Authentication Bypass Exploit Title: Red-Gate SQL Monitor authentication bypass Version: Redgate SQL Monitor before 3.10 and 4.x before 4.2 Date: 2017-08-10 Red-Gate made a security announcement and publicly released the fixed version more than two years before thi...

10 CVSS, 0.6 AI score, 0.14186 EPSS
Exploits: 4
Cvelist
added 2017/06/22 7:0 p.m., 45 views

CVE-2015-9098

In Redgate SQL Monitor before 3.10 and 4.x before 4.2, a remote attacker can gain unauthenticated access to the Base Monitor, resulting in the ability to execute arbitrary SQL commands on any monitored Microsoft SQL Server machines. If the Base Monitor is connecting to these machines using an...

9.9 AI score, 0.14186 EPSS
Exploits: 4, References: 2
Microsoft KB
added 2012/10/09 12:0 a.m., 26 views

MS12-066: Description of the security update for SharePoint Foundation 2010 Service Pack 1: October 9, 2012

Describes the security update for SharePoint Foundation 2010 Service Pack 1 that was released on October 9, 2012. INTRODUCTION: Microsoft has released security bulletin MS12-066. To view the complete security bulletin, go to one of the following Microsoft websites: Home...

7.6 AI score
Exploits: 0
Exploit DB
added 2009/02/24 12:0 a.m., 45 views

XGuestBook 2.0 - Authentication Bypass

Author = FireShot, Jacopo Vuga. Mail = fireshotautisticiorg Vulnerability = SQL Admin Auth Bypass Software = XGuestBook v2.0 Download = http://script.wareseeker.com/download/xguestbook.rar/14488 Greets to = Osirys, Myral, str0ke CODE $user = $_POST['user']; $pass = md5($_POST['pass']); $result =...

7.4 AI score
Exploits: 0
Cvelist
added 2005/03/04 5:0 a.m., 16 views

CVE-2005-0640

Computer Associates CA Unicenter Asset Management UAM 4.0 does not properly initialize the "Change Credentials for Database" window, which allows local users to recover the SQL Admin password via certain methods...

7 AI score, 0.00355 EPSS
Exploits: 0, References: 2
NVD
added 2005/03/02 5:0 a.m., 17 views

CVE-2005-0640

Computer Associates CA Unicenter Asset Management UAM 4.0 does not properly initialize the "Change Credentials for Database" window, which allows local users to recover the SQL Admin password via certain methods...

4.6 CVSS, 7 AI score, 0.00355 EPSS
Exploits: 0, References: 2
CVE
added 2000/07/19 4:0 a.m., 39 views

CVE-2000-0605

Summary: CVE-2000-0605 affects Blackboard CourseInfo 4.0. The vulnerability is that local and SQL administrator usernames/passwords are stored in cleartext in a registry key whose ACL allows other users to access the passwords. This leads to potential confidentiality exposure of admin credentials...

2.1 CVSS, 7.2 AI score, 0.00354 EPSS
Exploits: 0, References: 2, Affected Software: 1