Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/11/18 12:11 a.m.13 views

CVE-2025-63747

QaTraq 6.9.2 ships with administrative account credentials which are enabled in default installations and permit immediate login via the web application login page. Because the account provides administrative privileges in the default configuration, an attacker who can reach the login page can ga...

9.8CVSS7.1AI score0.00385EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/11/17 12:0 a.m.9 views

PT-2025-47157

Name of the Vulnerable Software and Affected Versions QaTraq version 6.9.2 Description The software ships with default administrative account credentials enabled, allowing immediate login via the web application login page. An attacker reaching the login page can gain administrative access due to...

9.8CVSS6.8AI score0.00385EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-6623

Malware in sbrugna...

6.8CVSS6.4AI score0.01971EPSS
Exploits0References8
NVD
NVD
added 2023/07/05 10:15 a.m.34 views

CVE-2023-3336

TN-5900 Series version 3.3 and prior versions is vulnearble to user enumeration vulnerability. The vulnerability may allow a remote attacker to determine whether a user is valid during password recovery through the web login page and enable a brute force attack with valid users...

5.3CVSS5.3AI score0.00608EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/07/05 9:11 a.m.17 views

CVE-2023-3336 TN-5900 Series User Enumeration Vulnerability

TN-5900 Series version 3.3 and prior versions is vulnearble to user enumeration vulnerability. The vulnerability may allow a remote attacker to determine whether a user is valid during password recovery through the web login page and enable a brute force attack with valid users...

5.3CVSS7.1AI score0.00608EPSS
Exploits0References1
OSV
OSV
added 2021/09/23 3:15 p.m.4 views

CVE-2021-3824

OpenVPN Access Server 2.9.0 through 2.9.4 allow remote attackers to inject arbitrary web script or HTML via the web login page URL...

6.1CVSS5.9AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2021/09/23 3:15 p.m.2 views

CVE-2021-3824

OpenVPN Access Server 2.9.0 through 2.9.4 allow remote attackers to inject arbitrary web script or HTML via the web login page URL...

6.1CVSS6.6AI score0.00722EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2018/04/12 10:53 p.m.26 views

Exploit for Improper Input Validation in Drupal

CVE-2018-7600 | Drupal 8.5.x --verbose --authentication...

9.8CVSS9AI score0.99993EPSS
Exploits46
NVD
NVD
added 2006/12/19 8:28 p.m.13 views

CVE-2006-6640

Multiple cross-site scripting XSS vulnerabilities in Omniture SiteCatalyst allow remote attackers to inject arbitrary web script or HTML via the 1 ss parameter in a search.asp and the 2 company and 3 username fields on b the web login page. NOTE: some details were obtained from third party...

6.8CVSS5.8AI score0.01971EPSS
Exploits0References7
Rows per page
Query Builder