7 matches found
EUVD-2007-6362
Malware in sbrugna...
TYPO3-EXT-SA-2025-001: Account Takeover in extension "OpenID Connect Authentication" (oidc)
Problem Description A vulnerability in the account linking logic of the extension allows a pre-hijacking attack leading to Account Takeover. The attack can only be exploited if the following requirements are met: - An attacker can anticipate the email address of the user. - An attacker can regist...
MESbook Specified Function Provisioning Error Vulnerability
MESbook is a web-based system from MESbook Inc. connects to factory machines and converts data into information for real-time management. MESbook has a Specified Function Provisioning Error vulnerability that can be exploited by an attacker to register a user account without authentication...
MTN Group: Information disclosure via enabled Django Debug Mode
The Django Debug Mode was enabled, which resulted in the disclosure of error messages, API endpoints, and the ability to register arbitrary user accounts and enumerate email addresses of registered users...
CVE-2021-45808
jpress v4.2.0 allows users to register an account by default. With the account, user can upload arbitrary files to the server...
CVE-2021-21416
django-registration is a user registration package for Django. The django-registration package provides tools for implementing user-account registration flows in the Django web framework. In django-registration prior to 3.1.2, the base user-account registration view did not properly apply filters...
Silent Storm Portal - Multiple Vulnerabilities
Demonstration: Register a user account then login and run the exploit.html ---exploit.html---- 1" ---/exploit.html--- That's All! What Happened? The 3rd line of exploit.html injected Administrator level "1" into the database file. 1: Administrator,2: is Normal User. milw0rm.com 2004-09-30...