88 matches found
Unspecified vulnerability in Joomla! (CNVD-2020-44909)
Joomla! is the U.S. Open Source Matters team of a set of PHP and MySQL development using open source , cross-platform content management system CMS. A security vulnerability exists in Joomla! 3.9.19 and earlier versions, which can be exploited by an attacker to modify internal read-only fields in...
Advantech iView Access Control Error Vulnerability
Advantech iView is a device management application from Advantech. An Access Control Error vulnerability exists in Advantech iView 5.6 and prior versions. A remote attacker can exploit the vulnerability to obtain information from the user table, including administrator credentials in plain text...
CVE-2020-15697
An issue was discovered in Joomla! through 3.9.19. Internal read-only fields in the User table class could be modified by users...
CVE-2020-15697
An issue was discovered in Joomla! through 3.9.19. Internal read-only fields in the User table class could be modified by users...
Code injection
An issue was discovered in Joomla! through 3.9.19. Internal read-only fields in the User table class could be modified by users...
CVE-2020-15697
An issue was discovered in Joomla! through 3.9.19. Internal read-only fields in the User table class could be modified by users...
CVE-2020-15697
CVE-2020-15697 affects Joomla! up to version 3.9.19. The issue is that internal read-only fields in the User table class could be modified by users, enabling unauthorized modification of user data and impacting data integrity. The reliable sources in the connected documents corroborate this speci...
CVE-2020-14501
Advantech iView, versions 5.6 and prior, has an improper authentication for critical function CWE-306 issue. Successful exploitation of this vulnerability may allow an attacker to obtain the information of the user table, including the administrator credentials in plain text. An attacker may also...
Joomla! 1.7.x < 3.9.16 Multiple Vulnerabilities
According to its self-reported version, the instance of Joomla! running on the remote web server is 1.7.x prior to 3.9.16. It is, therefore, affected by multiple vulnerabilities : - Missing token checks in the image actions of comtemplates causes CSRF vulnerabilities. CVE-2020-10241 - Inadequate...
[20200704] - Core - Variable tampering via user table class
Internal read-only fields in the User table class could be modified by users...
vBulletin /ajax/api/content_infraction/getIndexableContent nodeid Parameter SQL Injection
This module exploits a SQL injection vulnerability found in vBulletin 5.x.x to dump the user table information or to dump all of the vBulletin tables based on the selected options. This module has been tested successfully on VBulletin Version 5.6.1 on Ubuntu Linux. This module requires Metasploit...
CVE-2020-10240
An issue was discovered in Joomla! before 3.9.16. Missing length checks in the user table can lead to the creation of users with duplicate usernames and/or email addresses...
Design/Logic Flaw
An issue was discovered in Joomla! before 3.9.16. Missing length checks in the user table can lead to the creation of users with duplicate usernames and/or email addresses...
CVE-2020-10240
CVE-2020-10240 affects Joomla! up to version 3.9.15, where missing length checks in the users table can allow creation of users with duplicate usernames or email addresses. The issue is documented across multiple sources (NVD, OSV, and OSSV listings) as a data-validation flaw in the user table, w...
CVE-2020-10240
An issue was discovered in Joomla! before 3.9.16. Missing length checks in the user table can lead to the creation of users with duplicate usernames and/or email addresses...
PT-2020-11996 · Open Source Matters · Joomla!
Name of the Vulnerable Software and Affected Versions: Joomla! versions prior to 3.9.16 Description: An issue was discovered in Joomla! where missing length checks in the user table can lead to the creation of users with duplicate usernames and/or email addresses. Recommendations: For versions...
[20200304] - Core - Identifier collisions in com_users
Missing length checks in the user table can lead to the creation of users with duplicate usernames and/or email addresses...
vBulletin 4.2.3 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title : vBulletin = 4.2.3 SQL Injection CVE-2016-6195 Author : Manish Kishan Tanwar AKA error1046 https://twitter.com/IndiShell1046 Date : 25/08/2015 Love to : zero cool,Team indishell,Mannu,Viki,Hardeep Singh,Jagriti,Kishan Singh and...
New php vulnerability discovery of the debug result of the security vulnerability, Edusoho-a vulnerability warning-the black bar safety net
Modern cms framework laraval/symfony/slim, leading to today's php vulnerability appears point, principle, using method, has undergone some changes, this series can hope to summarize their excavation of such a cms vulnerability. Today this vulnerability is Edusoho a user table dump vulnerability...
D-Link DIR-601 Authentication Bypass Vulnerability
D-Link DIR-601 is a wireless router product. A security vulnerability in mycgi.cgi in the D-Link DIR-601 2.02NA and earlier versions allows malicious users to bypass certain security restrictions and gain access to the Adminuser, Wirelesssettings, Wirelesssecurity, Wirelesssecurity settings table...