EUVD-2020-30784

Malware in sbrugna...

EUVD-2016-8016

Malware in sbrugna...

EUVD-2021-23612

Malware in sbrugna...

EUVD-2024-33031

Malicious code in bioql PyPI...

CVE-2025-4973 Workreap <= 3.3.1 - Authentication Bypass via 'workreap_verify_user_account'

The Workreap plugin for WordPress, used by the Workreap - Freelance Marketplace WordPress Theme, is vulnerable to authentication bypass in all versions up to, and including, 3.3.1. This is due to the plugin not properly verifying a user's identity prior to logging them in when verifying an accoun...

Abandoned Cart Lite for WooCommerce - Authentication Bypass

The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.14.2. This is due to insufficient encryption on the user being supplied during the abandoned cart link decode through the plugin. This allows unauthenticated...

CVE-2023-3162

The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.7.7. This is due to insufficient verification on the user being supplied during a Stripe checkout through the plugin. This allows unauthenticated attackers to...

CVE-2024-12225

CVE-2024-12225 affects Quarkus, specifically the quarkus-security-webauthn module. The vulnerability arises because default REST endpoints for user registration/login remain accessible when developers add custom endpoints, potentially allowing an attacker to obtain a login cookie with no correspo...

CVE-2024-12225 Io.quarkus:quarkus-security-webauthn: quarkus webauthn unexpected authentication bypass

A vulnerability was found in Quarkus in the quarkus-security-webauthn module. The Quarkus WebAuthn module publishes default REST endpoints for registering and logging users in while allowing developers to provide custom REST endpoints. When developers provide custom REST endpoints, the default...

CVE-2024-11349

The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.1.6. This is due to the plugin not properly verifying a user's identity prior to authenticating them through the sbloginuserwithotpfun function. This makes it possible for unauthenticat...

Dream4 Koobi Pro 6.25 Shop - categ SQL Injection

Dream4 Koobi Pro 6.25 Shop - categ SQL Injection Koobi Pro 6.25 shop categ all version Koobi AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 BLOG : http://my.opera.com/SQL-Injection/blog/ MAiL : [email protected] DORK 1 : allinurl: "index php p shop"categ EXPLOiT :...

[waraxe-2004-SA#037 - Sql injection bug in Phorum 5.0.12 and older versions]

================================================================================ waraxe-2004-SA037 ================================================================================ Sql injection bug in Phorum 5.0.12 and older versions...

Solaris 2.6/7/8 - &#039;TTYPROMPT in.telnet&#039; Remote Authentication Bypass

Solaris TTYPROMPT Security Vulnerability Telnet This vulnerability is very simple to exploit, since it does not require any code to be compiled by an attacker. The vulnerability only requires the attacker to simply define the environment variable TTYPROMPT to a 6-character string, inside telnet...