37 matches found
CVE-2018-25348
Joomla! Component Ek Rishta 2.10 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the userdetail view with malicious cid values containing SQL commands t...
CVE-2018-25348 Joomla! Component Ek Rishta 2.10 SQL Injection via user_detail
Joomla! Component Ek Rishta 2.10 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the userdetail view with malicious cid values containing SQL commands t...
EUVD-2018-21870
Joomla! Component Ek Rishta 2.10 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the userdetail view with malicious cid values containing SQL commands t...
CVE-2018-25348
CVE-2018-25348 concerns the Joomla! extension Ek Rishta 2.10 , where an SQL injection vulnerability exists in the user_detail view through the cid parameter. Unauthenticated attackers can manipulate database queries by supplying malicious cid values, enabling extraction of sensitive information. ...
CVE-2018-25348
Joomla! Component Ek Rishta 2.10 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the userdetail view with malicious cid values containing SQL commands t...
CVE-2026-23487
Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, there is an IDOR vulnerability where user.detail Endpoint Leaks the Superadmin Token. This issue has been patched in version 1.8.4...
CVE-2026-23487
Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, there is an IDOR vulnerability where user.detail Endpoint Leaks the Superadmin Token. This issue has been patched in version 1.8.4...
CVE-2026-23487 Blinko: IDOR - user.detail Endpoint Leaks Superadmin Token
Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, there is an IDOR vulnerability where user.detail Endpoint Leaks the Superadmin Token. This issue has been patched in version 1.8.4...
CVE-2026-23487
Blinko, an AI-powered card note-taking project, has a vulnerability CVE-2026-23487 in the user.detail endpoint (IDOR) that can leak the superadmin token. Affected are versions prior to 1.8.4; the root cause is improper access control on that endpoint. The issue has been patched in version 1.8.4. ...
CVE-2026-23487
Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, there is an IDOR vulnerability where user.detail Endpoint Leaks the Superadmin Token. This issue has been patched in version 1.8.4...
EUVD-2026-14543
Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, there is an IDOR vulnerability where user.detail Endpoint Leaks the Superadmin Token. This issue has been patched in version 1.8.4...
CVE-2026-23487 Blinko: IDOR - user.detail Endpoint Leaks Superadmin Token
Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, there is an IDOR vulnerability where user.detail Endpoint Leaks the Superadmin Token. This issue has been patched in version 1.8.4...
CVE-2026-23487 Blinko: IDOR - user.detail Endpoint Leaks Superadmin Token
Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, there is an IDOR vulnerability where user.detail Endpoint Leaks the Superadmin Token. This issue has been patched in version 1.8.4...
PT-2026-27215
Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, there is an IDOR vulnerability where user.detail Endpoint Leaks the Superadmin Token. This issue has been patched in version 1.8.4...
Blinko 安全漏洞
Blinko is an open-source AI-based card-based note-taking app designed for users who want to quickly capture and organize fleeting ideas. Versions of Blinko prior to 1.8.4 contained a security vulnerability. This vulnerability stemmed from an insecure direct object reference in the user.detail...
CVE-2023-4703
The All in One B2B for WooCommerce WordPress plugin through 1.0.3 does not properly validate parameters when updating user details, allowing an unauthenticated attacker to update the details of any user. Updating the password of an Admin user leads to privilege escalation...
EUVD-2016-0929
Malware in sbrugna...
PT-2025-29511 · Unknown +1 · Flask-Multipass +1
Name of the Vulnerable Software and Affected Versions: Indico versions 2.2 through 3.3.7 Description: Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. An endpoint used to display details of users listed in certain fields could be...
CVE-2024-30982
SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows attackers to run arbitrary SQL commands via the upid parameter in the /view-user-detail.php file...
CVE-2024-57162
Campcodes Cybercafe Management System v1.0 is vulnerable to SQL Injection in /ccms/view-user-detail.php...