Lucene search

12 matches found

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2014-2426

Malware in sbrugna...

CVSS 6.8 | AI score 6.4 | EPSS 0.00708
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2016-7778

Malware in sbrugna...

CVSS 8.8 | AI score 8.6 | EPSS 0.01613
Exploits: 0 | References: 12

EUVD
added 2025/10/03 8:7 p.m. | 17 views

EUVD-2021-30344

Malicious code in bioql PyPI...

CVSS 9.3 | AI score 6.4 | EPSS 0.00937
Exploits: 2 | References: 2

RedhatCVE
added 2025/05/22 4:5 p.m. | 5 views

CVE-2020-21238

An issue in the user login box of CSCMS v4.0 allows attackers to hijack user accounts via brute force attacks...

CVSS 9.8 | AI score 6.9 | EPSS 0.00939
Exploits: 1

RedhatCVE
added 2025/05/22 2:9 a.m. | 14 views

CVE-2012-0286

Cross-site request forgery (CSRF) vulnerability in Stoneware webNetwork before 6.0.8.0 allows remote attackers to hijack the authentication of unspecified victims for requests that modify user accounts...

CVSS 6.8 | AI score 7.4 | EPSS 0.01015
Exploits: 4 | References: 1

OSV
added 2024/04/04 8:18 p.m. | 16 views

CVE-2024-30264 typebot.io: `GHSL-2024-040`

Typebot is an open-source chatbot builder. A reflected cross-site scripting (XSS) in the sign-in page of typebot.io prior to version 2.24.0 may allow an attacker to hijack a user's account. The sign-in page takes the `redirectPath` parameter from the URL. If a user clicks on a link where the...

CVSS 8.1 | AI score 6.2 | EPSS 0.00835
Exploits: 1 | References: 5

Redos
added 2023/11/09 12:0 a.m. | 29 views

ROS-20231109-02

Vulnerability in GLPI's request and incident handling system is related to information disclosure. Exploitation of the vulnerability could allow a remote attacker to obtain user logins. GLPI request and incident handling system vulnerability related to the lack of path filtering by...

CVSS 9.8 | AI score 7.8 | EPSS 0.33874
Exploits: 0

OSV
added 2014/01/31 4:43 p.m. | 9 views

MGASA-2014-0031 Updated drupal package fixes security vulnerabilities

Christian Mainka and Vladislav Mladenov reported a vulnerability in the OpenID module that allows a malicious user to log in as other users on the site, including administrators, and hijack their accounts (CVE-2014-1475). Matt Vance and Damien Tournoud reported an access bypass vulnerability in the...

CVSS 7.5 | AI score 6.1 | EPSS 0.01526
Exploits: 0 | References: 4

0day.today
added 2012/09/07 12:0 a.m. | 23 views

Interspire Email Marketer v6.0.1 Multiple Vulnerabilities

Exploit for php platform in category web applications Interspire Email Marketer v6.0.1 - Multiple Vulnerabilities Details: ======== 1.1 A SQL Injection vulnerability is detected in the Interspire Email Marketer v6.0.1, Email Marketing Software. The vulnerability allows an attacker remote or local...

AI score 7.1
Exploits: 0

securityvulns
added 2003/01/25 12:0 a.m. | 36 views

List Site Pro v2 user account Hijacking vulnerability

List Site Pro v2 user account Hijacking vulnerability Severity:Low homepage:http://www.listsitepro.com It is possible to take over another user account by signing up and using | in one of the required fields. List Site Pro uses '|' to delimit the database but the form input is not checked and...

AI score 7
Exploits: 0

Cvelist
added 2002/06/25 4:0 a.m. | 21 views

CVE-2002-0097

Geeklog 1.3 allows remote attackers to hijack user accounts, including the administrator account, by modifying the UID of a user's permanent cookie to the target account...

AI score 6.6 | EPSS 0.01588
Exploits: 0 | References: 4

securityvulns
added 2002/01/08 12:0 a.m. | 40 views

Security Advisory for Bugzilla v2.15 (cvs20020103) and older

All users of Bugzilla, the bug-tracking system from mozilla.org, who are using a version of Bugzilla installed from a downloaded tarball or package file are strongly recommended to update to version 2.14.1. All users of Bugzilla who are currently using version 2.15 checked out of cvs prior to 15...

AI score 0.1
Exploits: 0