
17 matches found

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2023-0718

Malicious code in bioql PyPI...

CVSS 6.1 | AI score 4 | EPSS 0.00284
Exploits: 1 | References: 7
RedhatCVE
added 2025/05/23 9:22 a.m. | 1 views

CVE-2024-6129

A vulnerability, which was classified as problematic, was found in spa-cartcms 1.9.0.6. Affected is an unknown function of the file /login of the component Username Handler. The manipulation of the argument email leads to observable behavioral discrepancy. It is possible to launch the attack...

CVSS 6.3 | AI score 6.7 | EPSS 0.00241
Exploits: 1 | References: 1
RedhatCVE
added 2025/05/23 3:0 a.m. | 2 views

CVE-2023-1557

A vulnerability was found in SourceCodester E-Commerce System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /ecommerce/admin/user/controller.php?action=edit of the component Username Handler. The manipulation of the argument USERID leads to...

CVSS 9.8 | AI score 7.5 | EPSS 0.00221
Exploits: 0 | References: 1
CVE
added 2024/06/18 9:0 p.m. | 42 views

CVE-2024-6129

CVE-2024-6129 affects spa-cartcms 1.9.0.6, specifically the Username Handler component’s /login function where manipulating the email argument causes observable behavior differences. All connected sources confirm remote exposure with high attack complexity and a disclosed exploit; exploitation st...

CVSS 6.3 | AI score 4.2 | EPSS 0.00241
Exploits: 1 | References: 4 | Affected Software: 1
Vulnrichment
added 2024/06/18 9:0 p.m. | 11 views

CVE-2024-6129 spa-cartcms Username login observable behavioral discrepancy

A vulnerability, which was classified as problematic, was found in spa-cartcms 1.9.0.6. Affected is an unknown function of the file /login of the component Username Handler. The manipulation of the argument email leads to observable behavioral discrepancy. It is possible to launch the attack...

CVSS 6.3 | AI score 7.1 | EPSS 0.00241
Exploits: 1 | References: 4
Positive Technologies
added 2024/06/18 12:0 a.m. | 1 views

PT-2024-37405 · Unknown · Spa-Cartcms

Name of the Vulnerable Software and Affected Versions: spa-cartcms version 1.9.0.6 Description: A problematic issue was found in the Username Handler component, specifically in the /login file, where manipulating the email argument leads to observable behavioral discrepancy. This issue can be...

CVSS 6.3 | AI score 7.1 | EPSS 0.00241
Exploits: 1 | References: 7
CNVD
added 2023/02/07 12:0 a.m. | 18 views

MediaWiki Cross-Site Scripting Vulnerability (CNVD-2023-09714)

MediaWiki is a free and free-to-use web-based wiki engine from the US-based MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. MediaWiki matomo-mediawiki-extension suffers from a cross-site scripting vulnerability that stems from a...

CVSS 6.1 | AI score 2.3 | EPSS 0.00284
Exploits: 1 | References: 1
Github Security Blog
added 2023/02/05 9:30 p.m. | 48 views

Cross-site Scripting in DaSchTour matomo-mediawiki-extension

A vulnerability classified as problematic has been found in DaSchTour matomo-mediawiki-extension up to 2.4.2. This affects an unknown part of the file Piwik.hooks.php of the component Username Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely...

CVSS 6.1 | AI score 6 | EPSS 0.00284
Exploits: 1 | References: 7 | Affected Software: 1
OSV
added 2023/02/05 9:30 p.m. | 21 views

GHSA-HC67-V29C-7G78 Cross-site Scripting in DaSchTour matomo-mediawiki-extension

A vulnerability classified as problematic has been found in DaSchTour matomo-mediawiki-extension up to 2.4.2. This affects an unknown part of the file Piwik.hooks.php of the component Username Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely...

CVSS 6.1 | AI score 6 | EPSS 0.00284
Exploits: 1 | References: 7
OSV
added 2023/02/05 8:15 p.m. | 13 views

CVE-2017-20175

A vulnerability classified as problematic has been found in DaSchTour matomo-mediawiki-extension up to 2.4.2 on MediaWiki. This affects an unknown part of the file Piwik.hooks.php of the component Username Handler. The manipulation leads to cross site scripting. It is possible to initiate the...

CVSS 6.1 | AI score 6
Exploits: 0 | References: 5
CVE
added 2023/02/05 7:57 p.m. | 68 views

CVE-2017-20175

The CVE-2017-20175 entry concerns DaSchTour matomo-mediawiki-extension (up to version 2.4.2) running on MediaWiki, with a cross-site scripting flaw in an unknown part of Piwik.hooks.php within the Username Handler. The issue can be triggered remotely, though attack complexity is described as high...

CVSS 6.1 | AI score 4.7 | EPSS 0.00284
Exploits: 1 | References: 5 | Affected Software: 1
CNNVD
added 2023/02/05 12:0 a.m. | 3 views

MediaWiki Cross-Site Scripting Vulnerability

MediaWiki is a free and free-to-use web-based wiki engine from the US-based MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. MediaWiki matomo-mediawiki-extension suffers from a cross-site scripting vulnerability that stems from a...

CVSS 6.1 | AI score 5.9 | EPSS 0.00284
Exploits: 1 | References: 6
NVD
added 2023/01/07 5:15 p.m. | 10 views

CVE-2015-10027

A vulnerability, which was classified as problematic, has been found in hydrian TTRSS-Auth-LDAP. Affected by this issue is some unknown functionality of the component Username Handler. The manipulation leads to ldap injection. Upgrading to version 2.0b1 is able to address this issue. The patch is...

CVSS 9.8 | AI score 6.9 | EPSS 0.00998
Exploits: 0 | References: 5
Prion
added 2023/01/07 5:15 p.m. | 10 views

Information disclosure

A vulnerability, which was classified as problematic, has been found in hydrian TTRSS-Auth-LDAP. Affected by this issue is some unknown functionality of the component Username Handler. The manipulation leads to ldap injection. Upgrading to version 2.0b1 is able to address this issue. The patch is...

CVSS 7.5 | AI score 7.8 | EPSS 0.00998
Exploits: 0 | References: 5 | Affected Software: 1
Vulnrichment
added 2023/01/07 4:42 p.m. | 13 views

CVE-2015-10027 hydrian TTRSS-Auth-LDAP Username ldap injection

A vulnerability, which was classified as problematic, has been found in hydrian TTRSS-Auth-LDAP. Affected by this issue is some unknown functionality of the component Username Handler. The manipulation leads to ldap injection. Upgrading to version 2.0b1 is able to address this issue. The patch is...

CVSS 5.5 | AI score 7.5 | EPSS 0.00998
Exploits: 0 | References: 5
Cvelist
added 2023/01/07 4:42 p.m. | 16 views

CVE-2015-10027 hydrian TTRSS-Auth-LDAP Username ldap injection

A vulnerability, which was classified as problematic, has been found in hydrian TTRSS-Auth-LDAP. Affected by this issue is some unknown functionality of the component Username Handler. The manipulation leads to ldap injection. Upgrading to version 2.0b1 is able to address this issue. The patch is...

CVSS 5.5 | AI score 9.8 | EPSS 0.00998
Exploits: 0 | References: 5
Positive Technologies
added 2023/01/07 12:0 a.m. | 1 views

PT-2023-10206 · Hydrian · Ttrss-Auth-Ldap

Name of the Vulnerable Software and Affected Versions: hydrian TTRSS-Auth-LDAP versions prior to 2.0b1 Description: A problematic issue has been found in the Username Handler component, leading to ldap injection. The estimated number of potentially affected devices is not specified. There is no...

CVSS 9.8 | AI score 7.5 | EPSS 0.00998
Exploits: 0 | References: 8