9 matches found
CVE-2025-63747
QaTraq 6.9.2 ships with administrative account credentials which are enabled in default installations and permit immediate login via the web application login page. Because the account provides administrative privileges in the default configuration, an attacker who can reach the login page can ga...
PT-2025-47157
Name of the Vulnerable Software and Affected Versions QaTraq version 6.9.2 Description The software ships with default administrative account credentials enabled, allowing immediate login via the web application login page. An attacker reaching the login page can gain administrative access due to...
EUVD-2006-6623
Malware in sbrugna...
CVE-2023-3336
TN-5900 Series version 3.3 and prior versions is vulnearble to user enumeration vulnerability. The vulnerability may allow a remote attacker to determine whether a user is valid during password recovery through the web login page and enable a brute force attack with valid users...
CVE-2023-3336 TN-5900 Series User Enumeration Vulnerability
TN-5900 Series version 3.3 and prior versions is vulnearble to user enumeration vulnerability. The vulnerability may allow a remote attacker to determine whether a user is valid during password recovery through the web login page and enable a brute force attack with valid users...
CVE-2021-3824
OpenVPN Access Server 2.9.0 through 2.9.4 allow remote attackers to inject arbitrary web script or HTML via the web login page URL...
CVE-2021-3824
OpenVPN Access Server 2.9.0 through 2.9.4 allow remote attackers to inject arbitrary web script or HTML via the web login page URL...
Exploit for Improper Input Validation in Drupal
CVE-2018-7600 | Drupal 8.5.x --verbose --authentication...
CVE-2006-6640
Multiple cross-site scripting XSS vulnerabilities in Omniture SiteCatalyst allow remote attackers to inject arbitrary web script or HTML via the 1 ss parameter in a search.asp and the 2 company and 3 username fields on b the web login page. NOTE: some details were obtained from third party...