30 matches found
EUVD-2021-18521
Malware in sbrugna...
EUVD-2024-47694
Malicious code in bioql PyPI...
EUVD-2021-32220
Malicious code in bioql PyPI...
EUVD-2024-46445
Malicious code in bioql PyPI...
EUVD-2025-7252
Malicious code in bioql PyPI...
EUVD-2025-5893
Malicious code in bioql PyPI...
EUVD-2024-48288
Malicious code in bioql PyPI...
EUVD-2022-37717
Malicious code in bioql PyPI...
CVE-2025-5604 Campcodes Hospital Management System user-login.php sql injection
A vulnerability was found in Campcodes Hospital Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /user-login.php. The manipulation of the argument Username leads to sql injection. The attack may be launched remotely. The exploit ha...
PT-2025-23369 · Sourcecodester · Sourcecodester Php Display Username After Login
Name of the Vulnerable Software and Affected Versions: SourceCodester PHP Display Username After Login version 1.0 Description: A critical vulnerability has been found in the software. The issue affects an unknown function of the file /login.php. Manipulation of the Username argument leads to SQL...
CVE-2023-50035
PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection on the Users login panel because of "password" parameter is directly used in the SQL query without any sanitization and the SQL Injection payload being executed...
CVE-2021-31632
b2evolution CMS v7.2.3 was discovered to contain a SQL injection vulnerability via the parameter cfqueryparam in the User login section. This vulnerability allows attackers to execute arbitrary code via a crafted input...
CVE-2025-3844
The PeproDev Ultimate Profile Solutions plugin for WordPress is vulnerable to Authentication Bypass in versions 1.9.1 to 7.5.2. This is due to handelajaxreq function not having proper restrictions on the changeusermeta functionality that makes it possible to set a OTP code and subsequently log in...
CVE-2024-57490
Guangzhou Hongfan Technology Co., LTD. iOffice20 has any user login vulnerability. An attacker can log in to any system account including the system administrator through a logical flaw...
CVE-2024-57490
Guangzhou Hongfan Technology Co., LTD. iOffice20 has any user login vulnerability. An attacker can log in to any system account including the system administrator through a logical flaw...
CVE-2024-57490
Guangzhou Hongfan Technology Co., LTD. iOffice20 has any user login vulnerability. An attacker can log in to any system account including the system administrator through a logical flaw...
CVE-2024-57490
CVE-2024-57490 affects Guangzhou Hongfan Technology Co., LTD. iOffice20. The issue is a logic flaw that permits an attacker to log in as any user, including the administrator, effectively bypassing authentication. The vulnerability is tracked across multiple feeds (NVD, Red Hat, CNNVD, CVE List, ...
CVE-2024-57490
Guangzhou Hongfan Technology Co., LTD. iOffice20 has any user login vulnerability. An attacker can log in to any system account including the system administrator through a logical flaw...
CVE-2025-1638
CVE-2025-1638 - Alloggio Membership (WordPress) Affected software: Alloggio Membership plugin for WordPress, versions up to 1.0.2 (and recurring references show ongoing CVE coverage up to 1.1.x). Root cause: Authentication bypass due to improper user validation in the REST login pathways, specifi...
CVE-2025-1717 Login Me Now <= 1.7.2 - Authentication Bypass
The Login Me Now plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.7.2. This is due to insecure authentication based on an arbitrary transient name in the 'AutoLogin::listen' function. This makes it possible for unauthenticated attackers to log in an...