User Registration, Login & Landing Pages – LeadMagic Security Vulnerabilities

Apple Filing Protocol Login Utility

This module attempts to bruteforce authentication credentials for...

Login/Signup Popup ( Inline Form + Woocommerce ) 2.7.1 - 2.7.2 - Missing Authorization to Arbitrary Options Update

Description The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'import_settings' function in versions 2.7.1 to 2.7.2. This makes it possible for authenticated attackers, with...

AdMentor Login Flaw

AdMentor is a totally free ad rotator script written entirely in ASP. A security vulnerability in the product allows remote attackers to cause the login administration ASP to allow them to enter without knowing any username or password (thus bypassing any authentication protection enabled for...

CVE-2023-1366

A vulnerability was found in SourceCodester Yoga Class Registration System 1.0. It has been classified as critical. This affects the function query of the file admin/categories/manage_category.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack...

Tomcat Application Manager Login Utility

This module simply attempts to login to a Tomcat Application Manager instance using a specific...

CVE-2024-24787 vulnerabilities

Vulnerabilities for packages: wireguard-go, aactl, flux-notification-controller, confluent-common-docker, go-md2man, flux-image-reflector-controller, overmind, delve, falcosidekick, mods, aws-ebs-csi-driver, k9s, zot, pulumi-language-yaml, lazygit, docker-credential-acr-env, ko, helm-push,...

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: wireguard-go, aactl, flux-notification-controller, confluent-common-docker, go-md2man, flux-image-reflector-controller, overmind, delve, falcosidekick, mods, aws-ebs-csi-driver, k9s, zot, pulumi-language-yaml, lazygit, docker-credential-acr-env, ko, helm-push,...

Widget Bundle <= 2.0.0 - Unauthencated Reflected XSS

Description The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users PoC On a site with the User Login/Registration widget active, have an unauthenticated user send.....

Apple Pages Installed (Mac OS X)

Apple Pages is installed on the remote Mac OS X host. It is a tool for word processing and desktop...

CVE-2023-0981

A vulnerability was found in SourceCodester Yoga Class Registration System 1.0. It has been classified as critical. Affected is an unknown function of the component Delete User. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The identifier....

CVE-2023-1395

A vulnerability was found in SourceCodester Yoga Class Registration System 1.0. It has been declared as problematic. This vulnerability affects the function query of the file admin/user/list.php. The manipulation of the argument name leads to cross site scripting. The attack can be initiated...

CVE-2023-0980

A vulnerability was found in SourceCodester Yoga Class Registration System 1.0 and classified as critical. This issue affects some unknown processing of the file admin/registrations/update_status.php of the component Status Update Handler. The manipulation of the argument id leads to sql...

CVE-2023-1674

A vulnerability was found in SourceCodester School Registration and Fee System 1.0 and classified as critical. This issue affects some unknown processing of the file /bilal final/login.php of the component POST Parameter Handler. The manipulation of the argument username leads to sql injection....

CVE-2023-0982

A vulnerability was found in SourceCodester Yoga Class Registration System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Add Class Entry. The manipulation of the argument id leads to sql injection. The attack can be launched...

Login/Signup Popup ( Inline Form + Woocommerce ) 2.7.1 - 2.7.2 - Missing Authorization to Arbitrary Options Exposure

Description The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ‘export_settings’ function in versions 2.7.1 to 2.7.2. This makes it possible for authenticated attackers, with...

CVE-2023-24379 WordPress Landing Page Builder – Free Landing Page Templates plugin <= 3.1.9.9 - Local File Inclusion vulnerability

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Web-Settler Landing Page Builder – Free Landing Page Templates allows Path Traversal.This issue affects Landing Page Builder – Free Landing Page Templates: from n/a through...

CVE-2023-1675

A vulnerability was found in SourceCodester School Registration and Fee System 1.0. It has been classified as critical. Affected is an unknown function of the file /bilal final/edit_stud.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is...

CVE-2015-10107

A vulnerability was found in Simplr Registration Form Plus+ Plugin up to 2.3.4 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 2.3.5 is able to address....

Sybase ASE Login Possible

Nessus was able to log into the remote Sybase server using the supplied...

CVE-2015-10119

A vulnerability, which was classified as problematic, has been found in View All Posts Page Plugin up to 0.9.0 on WordPress. This issue affects the function action_admin_notices_activation of the file view-all-posts-pages.php. The manipulation leads to cross site scripting. The attack may be...

Django vulnerable to XSS on 500 pages

In Django 1.10.x before 1.10.8 and 1.11.x before 1.11.5, HTML autoescaping was disabled in a portion of the template for the technical 500 debug page. Given the right circumstances, this allowed a cross-site scripting attack. This vulnerability shouldn't affect most production sites since you...

Wordpress Profile Builder Plugin Cross-Site Scripting

The Profile Builder User Profile & User Registration Forms WordPress plugin is vulnerable to cross-site scripting due to insufficient escaping and sanitization of the site_url parameter found in the ~/assets/misc/fallback-page.php file which allows attackers to inject arbitrary web scripts onto a.....

Cisco Firepower Management Console 6.0 Login

This module attempts to authenticate to a Cisco Firepower Management console via HTTPS. The credentials are also used for SSH, which could allow remote code...

HP System Management Homepage Login Utility

This module attempts to login to HP System Management Homepage using host operating system...

virt:ol and virt-devel:rhel security and enhancement update

hivex libguestfs [1.44.0-9.0.2] - libguestfs.spec: Add btrfs-progs RPM to appliance [Orabug: 35634755] [1.44.0-9.0.1] - Replace upstream references from description tag - Config supermin to use host yum.conf in ol8 [Orabug: 29319324] - Set DISTRO_ORACLE_LINUX correspeonding to ol [1:1.44.0-9] -...

AccessAlly <3.5.7 - Sensitive Information Leakage

WordPress AccessAlly plugin before 3.5.7 allows sensitive information leakage because the file &quot;resource/frontend/product/product-shortcode.php&quot; (which is responsible for the [accessally_order_form] shortcode) dumps serialize($_SERVER), which contains all environment variables. The leakag...

DirectAdmin Web Control Panel Login Utility

This module will attempt to authenticate to a DirectAdmin Web Control...

BAVision IP Camera Web Server Login

This module will attempt to authenticate to an IP camera created by BAVision via the web service. By default, the vendor ships a default credential admin:123456 to its cameras, and the web server does not enforce lockouts in case of a bruteforce...

Western Digital MyBook Live Login Utility

This module simply attempts to login to a Western Digital MyBook Live instance using a specific...

WordPress Nested Pages Plugin < 3.2.7 XSS Vulnerability

The WordPress...

Microsoft Azure Active Directory Login Enumeration

This module enumerates valid usernames and passwords against a Microsoft Azure Active Directory domain by utilizing a flaw in how SSO...

Softing Secure Integration Server Login Utility

This module will attempt to authenticate to a Softing Secure Integration...

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: calico, grype, wireguard-go, aactl, flux-notification-controller, kubevela, prometheus, dotnet, nodetaint, pulumi-language-yaml, ko, slsa-verifier, kubernetes-csi-livenessprobe, kubescape, tctl, hey, pulumi, minio, sigstore-scaffolding, cert-manager, metacontroller,...

CVE-2024-4358 Registration Authentication Bypass Vulnerability

In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass...

Widget Bundle <= 2.0.0 - Unauthencated Reflected XSS

Description The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated...

eZ Publish Legacy Passwordless login for LDAP users

This security advisory fixes a vulnerability in eZ Publish Legacy, and we recommend that you install it as soon as possible if you are using Legacy. Installations that are using the legacy LDAP login handler or the TextFile login handler in combination with the standard legacy login handler, may...

CVE-2024-2473 WPS Hide Login <= 1.9.15.2 - Login Page Disclosure

The WPS Hide Login plugin for WordPress is vulnerable to Login Page Disclosure in all versions up to, and including, 1.9.15.2. This is due to a bypass that is created when the 'action=postpass' parameter is supplied. This makes it possible for attackers to easily discover any login page that may...

Pie Register - Social Sites Login (Add on) < 1.7.8 - Unauthenticated Privilege Escalation

Description The plugin is vulnerable to authentication bypass due to insufficient verification on the user being supplied during a social login through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they...

eZ Publish Legacy Passwordless login for LDAP users

This security advisory fixes a vulnerability in eZ Publish Legacy, and we recommend that you install it as soon as possible if you are using Legacy. Installations that are using the legacy LDAP login handler or the TextFile login handler in combination with the standard legacy login handler, may...

CVE-2024-34009

Insufficient checks whether ReCAPTCHA was enabled made it possible to bypass the checks on the login page. This did not affect other pages where ReCAPTCHA is...

CVE-2024-4358 Registration Authentication Bypass Vulnerability

In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass...

CVE-2024-2473 WPS Hide Login <= 1.9.15.2 - Login Page Disclosure

The WPS Hide Login plugin for WordPress is vulnerable to Login Page Disclosure in all versions up to, and including, 1.9.15.2. This is due to a bypass that is created when the 'action=postpass' parameter is supplied. This makes it possible for attackers to easily discover any login page that may...

PhpMyAdmin <4.8.2 - Local File Inclusion

PhpMyAdmin before version 4.8.2 is susceptible to local file inclusion that allows an attacker to include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for whitelisted....

CVE-2022-36092

XWiki Platform Old Core is a core package for XWiki Platform, a generic wiki platform. Prior to versions 14.2 and 13.10.4, all rights checks that would normally prevent a user from viewing a document on a wiki can be bypassed using the login action and directly specified templates. This exposes...

Movable Type User Registration Restriction Bypass

The version of Movable Type running on the remote host has a restriction bypass vulnerability. It is possible to create new user accounts even when registration has been disabled in the blog configuration. A remote attacker could exploit this to register new accounts for blogs that do not allow...

CVE-2024-1111

A vulnerability, which was classified as problematic, has been found in SourceCodester QR Code Login System 1.0. Affected by this issue is some unknown functionality of the file add-user.php. The manipulation of the argument qr-code leads to cross site scripting. The attack may be launched...

Login with phone number < 1.7.27 - Authentication Bypass due to Missing Empty Value Check

Description The Login with phone number plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.7.26. This is due to the 'activation_code' default value is empty, and the not empty check is missing in the 'lwp_ajax_register' function. This makes it possible.....

XWiki < 4.10.20 - Remote code execution

XWiki is vulnerable to a remote code execution (RCE) attack through its user registration feature. This issue allows an attacker to execute arbitrary code by crafting malicious payloads in the "first name" or "last name" fields during user registration. This impacts all installations that have...

WordPress Church Admin <0.810 - Cross-Site Scripting

WordPress Church Admin plugin before 0.810 allows remote attackers to inject arbitrary web script or HTML via the address parameter via...

Exploit for Path Traversal in Igniterealtime Openfire

CVE-2023-32315 - Openfire Authentication Bypass This...