19 matches found
EUVD-2001-0329
Malware in sbrugna...
EUVD-2016-9943
Malware in sbrugna...
EUVD-2005-0780
Malware in sbrugna...
EUVD-2022-2011
Malicious code in bioql PyPI...
CVE-2024-52010
Zoraxy is a general purpose HTTP reverse proxy and forwarding tool. A command injection vulnerability in the Web SSH feature allows an authenticated attacker to execute arbitrary commands as root on the host. Zoraxy has a Web SSH terminal feature that allows authenticated users to connect to SSH...
CVE-2025-30254
An unauthenticated attacker can obtain a serial number of a smart meters using its owner's username...
CVE-2023-37482
The login functionality of the web server in affected devices does not normalize the response times of login attempts. An unauthenticated remote attacker could exploit this side-channel information to distinguish between valid and invalid usernames...
CVE-2024-56112
CyberPanel aka Cyber Panel before f0cf648 allows XSS via token or username to plogical/phpmyadminsignin.php...
CVE-2024-56112
CyberPanel aka Cyber Panel before f0cf648 allows XSS via token or username to plogical/phpmyadminsignin.php...
Unspecified Vulnerability in IBM TXSeries for Multiplatforms
IBM TXSeries for Multiplatforms is a transaction monitoring and management software product from International Business Machines IBM designed to support distributed transaction processing on multiple platforms. A security vulnerability exists in IBM TXSeries for Multiplatforms version 10.1, which...
PT-2023-25281 · Sick · Sick Icr890-4
Name of the Vulnerable Software and Affected Versions: SICK ICR890-4 affected versions not specified Description: The issue concerns an observable response discrepancy that could allow a remote attacker to identify valid usernames for the FTP server from the response given during a failed login...
CVE-2021-37803
CVE-2021-37803: A SQL Injection vulnerability exists in Sourcecodester Online Covid Vaccination Scheduler System 1.0, exploitable via the username parameter in login.php (lognin.php). The issue is exposed over network with no authentication required (per CVSS v3.1: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H...
CVE-2008-4106
WordPress before 2.6.2 does not properly handle MySQL warnings about insertion of username strings that exceed the maximum column width of the userlogin column, and does not properly handle space characters when comparing usernames, which allows remote attackers to change an arbitrary user's...
CVE-2004-1428
ArGoSoft FTP before 1.4.2.1 generates an error message if the user name does not exist instead of prompting for a password, which allows remote attackers to determine valid usernames...
CVE-2004-0069
HD Soft Windows FTP Server 1.6 and earlier is affected by CVE-2004-0069 due to a format string vulnerability in the username parameter, which is processed by wscanf. This allows remote attackers to induce arbitrary code execution on vulnerable installations. The vulnerability is described in the ...
CVE-2004-0069
Format string vulnerability in HD Soft Windows FTP Server 1.6 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the username, which is processed by the wscanf function...
HD Soft Windows FTP Server 1.51.6 - Username Format String
HD Soft Windows FTP Server 1.51.6 - Username Format String // source: https://www.securityfocus.com/bid/9385/info It has been reported that Windows FTP Server may be prone to a remote format string vulnerability when processing a malicious request from a client. The vulnerability presents itself...
AN HTTPD 1.38/1.39/1.40/1.41 - 'SOCKS4' Buffer Overflow
source: https://www.securityfocus.com/bid/6012/info A buffer overflow vulnerability has been reported for AN HTTPD. The vulnerability is due to insufficient bounds checking of usernames for SOCKS4 requests. When AN HTTPD acts as a SOCKS4 server, it handles user names in an unsafe manner. An...
Format string bug in Netware ftpd
Format string bug in username...