CVE-2024-33288

Prison Management System Using PHP v1.0 was discovered to contain a SQL injection vulnerability via the username on the Admin login page...

CVE-2024-33288

Prison Management System Using PHP v1.0 was discovered to contain a SQL injection vulnerability via the username on the Admin login page...

OpenSSH: OpenSSH: Arbitrary command execution via shell metacharacters in username

A flaw was found in OpenSSH. This vulnerability allows a remote attacker to achieve arbitrary command execution by injecting shell metacharacters into a username provided on the command line. Exploitation requires an untrusted username and a non-default configuration of the '%' character in...

Important: Red Hat Security Advisory: openssh security update

An update for openssh is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

CVE-2018-25301 Easy MPEG to DVD Burner 1.7.11 SEH Local Buffer Overflow

Easy MPEG to DVD Burner 1.7.11 contains a structured exception handling SEH local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious username string. Attackers can craft a payload containing junk data, SEH chain pointers, and shellcode tha...

CVE-1999-0224

Denial of service in Windows NT messenger service through a long username...

CVE-2019-16374

Pega Platform 8.2.1 allows LDAP injection because a username can contain a character and can be of unlimited length. An attacker can specify four characters of a username, followed by the character, to bypass access control...

ROS-20251203-09

A vulnerability in the ProxyCommand component of the OpenSSH cryptographic protection tool is related to the injection of a null byte %00 in the username string. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

Revive Adserver Username In-Blank Neutralization and Improper Vulnerability

Revive Adserver is an open source ad serving system that allows advertisers, publishers, and networks to place ads on multiple platforms e.g., websites, apps, video players and supports ad effectiveness tracking, campaign management, and placement rule definition. Revive Adserver suffers from a...

EUVD-2000-0479

Malware in sbrugna...

EUVD-2019-16057

Malware in sbrugna...

EUVD-2014-5408

Malware in sbrugna...

EUVD-2004-2714

Malware in sbrugna...

EUVD-2018-8411

Malware in sbrugna...

EUVD-2002-2075

Malware in sbrugna...

EUVD-2024-52685

Malicious code in bioql PyPI...

EUVD-2023-2397

Malicious code in bioql PyPI...

CVE-2012-10047

CVE-2012-10047 concerns Cyclope Employee Surveillance Solution, version 6.x. A SQL injection flaw in the login flow (auth-login) arises because the username parameter is not properly sanitized, enabling an attacker to inject arbitrary SQL. According to connected documents, this can be leveraged t...

Sensitive Information Disclosure

universal-omega/dynamic-page-list3 is vulnerable to Sensitive Information Disclosure. The vulnerability is due to certain dpl parameters revealing usernames that were meant to be hidden via revision deletion, suppression, or the hideuser block flag...

CVE-2018-7282

The username parameter of the TITool PrintMonitor solution during the login request is vulnerable to and/or time-based blind SQLi...