Search
Total
37 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-4214 | 1 Apppresser | 1 Apppresser | 2023-11-25 | N/A | 9.8 CRITICAL |
| The AppPresser plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 4.2.5. This is due to the plugin generating too weak a reset code, and the code used to reset the password has no attempt or time limit. | |||||
| CVE-2023-4448 | 1 Openrapid | 1 Rapidcms | 2023-08-25 | N/A | 9.8 CRITICAL |
| A vulnerability was found in OpenRapid RapidCMS 1.3.1 and classified as critical. This issue affects some unknown processing of the file admin/run-movepass.php. The manipulation of the argument password/password2 leads to weak password recovery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is 4dff387283060961c362d50105ff8da8ea40bcbe. It is recommended to apply a patch to fix this issue. The identifier VDB-237569 was assigned to this vulnerability. | |||||
| CVE-2022-23855 | 1 Saviynt | 1 Enterprise Identity Cloud | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. An authentication bypass in ECM/maintenance/forgotpasswordstep1 allows an unauthenticated user to reset passwords and login as any local account. | |||||
| CVE-2019-18818 | 1 Strapi | 1 Strapi | 2022-02-20 | 7.5 HIGH | 9.8 CRITICAL |
| strapi before 3.0.0-beta.17.5 mishandles password resets within packages/strapi-admin/controllers/Auth.js and packages/strapi-plugin-users-permissions/controllers/Auth.js. | |||||
| CVE-2021-22731 | 1 Schneider-electric | 32 Mcsesm043f23f0, Mcsesm043f23f0 Firmware, Mcsesm053f1cs0 and 29 more | 2022-02-01 | 7.5 HIGH | 9.8 CRITICAL |
| Weak Password Recovery Mechanism for Forgotten Password vulnerability exists on Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior which could cause an unauthorized password change through HTTP / HTTPS when basic user information is known by a remote attacker. | |||||
| CVE-2018-16529 | 1 Forcepoint | 1 Email Security | 2021-09-10 | 5.0 MEDIUM | 9.8 CRITICAL |
| A password reset vulnerability has been discovered in Forcepoint Email Security 8.5.x. The password reset URL can be used after the intended expiration period or after the URL has already been used to reset a password. | |||||
| CVE-2015-5172 | 2 Cloudfoundry, Pivotal Software | 3 Cf-release, Cloud Foundry Elastic Runtime, Cloud Foundry Uaa | 2021-08-25 | 7.5 HIGH | 9.8 CRITICAL |
| Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified impact by leveraging failure to expire password reset links. | |||||
| CVE-2021-36209 | 1 Jetbrains | 1 Hub | 2021-08-12 | 7.5 HIGH | 9.8 CRITICAL |
| In JetBrains Hub before 2021.1.13389, account takeover was possible during password reset. | |||||
| CVE-2021-28293 | 1 Seceon | 1 Aisiem | 2021-06-24 | 7.5 HIGH | 9.8 CRITICAL |
| Seceon aiSIEM before 6.3.2 (build 585) is prone to an unauthenticated account takeover vulnerability in the Forgot Password feature. The lack of correct configuration leads to recovery of the password reset link generated via the password reset functionality, and thus an unauthenticated attacker can set an arbitrary password for any user. | |||||
| CVE-2021-22763 | 1 Schneider-electric | 10 Powerlogic Pm5560, Powerlogic Pm5560 Firmware, Powerlogic Pm5561 and 7 more | 2021-06-23 | 10.0 HIGH | 9.8 CRITICAL |
| A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 (see security notification for version infromation) that could allow an attacker administrator level access to a device. | |||||
| CVE-2021-25323 | 1 Misp | 1 Misp | 2021-01-22 | 6.4 MEDIUM | 9.1 CRITICAL |
| The default setting of MISP 2.4.136 did not enable the requirements (aka require_password_confirmation) to provide the previous password when changing a password. | |||||
| CVE-2020-27179 | 1 Konzept-ix | 1 Publixone | 2020-11-02 | 7.5 HIGH | 9.8 CRITICAL |
| konzept-ix publiXone before 2020.015 allows attackers to take over arbitrary user accounts by crafting password-reset tokens. | |||||
| CVE-2020-25105 | 1 Eramba | 1 Eramba | 2020-09-10 | 5.0 MEDIUM | 9.8 CRITICAL |
| eramba c2.8.1 and Enterprise before e2.19.3 has a weak password recovery token (createHash has only a million possibilities). | |||||
| CVE-2018-18871 | 1 Gigasetpro | 2 Maxwell Basic, Maxwell Basic Firmware | 2020-08-24 | 5.0 MEDIUM | 9.8 CRITICAL |
| Missing password verification in the web interface on Gigaset Maxwell Basic VoIP phones with firmware 2.22.7 would allow a remote attacker (in the same network as the device) to change the admin password without authentication (and without knowing the original password). | |||||
| CVE-2019-6560 | 1 Auto-maskin | 5 Dcu 210, Dcu 210 Firmware, Marine Pro Observer and 2 more | 2020-03-25 | 6.4 MEDIUM | 9.1 CRITICAL |
| In Auto-Maskin RP210E Versions 3.7 and prior, DCU210E Versions 3.7 and prior and Marine Observer Pro (Android App), the software contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak. | |||||
| CVE-2012-5618 | 1 Ushahidi | 1 Ushahidi | 2020-02-12 | 5.0 MEDIUM | 9.8 CRITICAL |
| Ushahidi before 2.6.1 has insufficient entropy for forgot-password tokens. | |||||
| CVE-2012-5686 | 1 Zpanelcp | 1 Zpanel | 2020-02-06 | 7.5 HIGH | 9.8 CRITICAL |
| ZPanel 10.0.1 has insufficient entropy for its password reset process. | |||||
| CVE-2020-7245 | 1 Ctfd | 1 Ctfd | 2020-01-31 | 6.8 MEDIUM | 9.8 CRITICAL |
| Incorrect username validation in the registration process of CTFd v2.0.0 - v2.2.2 allows an attacker to take over an arbitrary account if the username is known and emails are enabled on the CTFd instance. To exploit the vulnerability, one must register with a username identical to the victim's username, but with white space inserted before and/or after the username. This will register the account with the same username as the victim. After initiating a password reset for the new account, CTFd will reset the victim's account password due to the username collision. | |||||
| CVE-2019-19844 | 2 Canonical, Djangoproject | 2 Ubuntu Linux, Django | 2020-01-08 | 5.0 MEDIUM | 9.8 CRITICAL |
| Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of Unicode characters) would allow an attacker to be sent a password reset token for the matched user account. (One mitigation in the new releases is to send password reset tokens only to the registered user email address.) | |||||
| CVE-2018-16988 | 1 Xdmod | 1 Open Xdmod | 2020-01-02 | 5.0 MEDIUM | 9.8 CRITICAL |
| An issue was discovered in Open XDMoD through 7.5.0. An authentication bypass (account takeover) exists due to a weak password reset mechanism. A brute-force attack against an MD5 rid value requires only 600 guesses in the plausible situation where the attacker knows that the victim has started a password-reset process (pass_reset.php, password_reset.php, XDUser.php) in the past few minutes. | |||||
| CVE-2019-17392 | 1 Progress | 1 Sitefinity | 2019-12-14 | 7.5 HIGH | 9.8 CRITICAL |
| Progress Sitefinity 12.1 has a Weak Password Recovery Mechanism for a Forgotten Password because the HTTP Host header is mishandled. | |||||
| CVE-2019-15929 | 1 Craftcms | 1 Craft Cms | 2019-10-30 | 5.0 MEDIUM | 9.8 CRITICAL |
| In Craft CMS through 3.1.7, the elevated session password prompt was not being rate limited like normal login forms, leading to the possibility of a brute force attempt on them. | |||||
| CVE-2018-7811 | 1 Schneider-electric | 8 Modicom Bmxnor0200h, Modicom Bmxnor0200h Firmware, Modicom M340 and 5 more | 2019-10-02 | 5.0 MEDIUM | 9.8 CRITICAL |
| An Unverified Password Change vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 which could allow an unauthenticated remote user to access the change password function of the web server | |||||
| CVE-2019-11393 | 1 Tildeslash | 1 Monit | 2019-04-30 | 5.0 MEDIUM | 9.8 CRITICAL |
| An issue was discovered in /admin/users/update in M/Monit before 3.7.3. It allows unprivileged users to escalate their privileges to an administrator by requesting a password change and specifying the admin parameter. | |||||
| CVE-2019-10641 | 1 Contao | 1 Contao Cms | 2019-04-19 | 5.0 MEDIUM | 9.8 CRITICAL |
| Contao before 3.5.39 and 4.x before 4.7.3 has a Weak Password Recovery Mechanism for a Forgotten Password. | |||||
| CVE-2018-19488 | 1 Wp-jobhunt Project | 1 Wp-jobhunt | 2019-04-01 | 7.5 HIGH | 9.8 CRITICAL |
| The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the cs_reset_pass() function through the admin-ajax.php file, which allows remote unauthenticated attackers to reset the password of a user's account. | |||||
| CVE-2015-4689 | 1 Ellucian | 1 Banner Student | 2019-03-13 | 5.0 MEDIUM | 9.8 CRITICAL |
| Ellucian (formerly SunGard) Banner Student 8.5.1.2 through 8.7 allows remote attackers to reset arbitrary passwords via unspecified vectors, aka "Weak Password Reset." | |||||
| CVE-2018-17298 | 1 Enalean | 1 Tuleap | 2019-01-29 | 5.0 MEDIUM | 9.8 CRITICAL |
| An issue was discovered in Enalean Tuleap before 10.5. Reset password links are not invalidated after a user changes its password. | |||||
| CVE-2018-7809 | 1 Schneider-electric | 8 Modicom Bmxnor0200h, Modicom Bmxnor0200h Firmware, Modicom M340 and 5 more | 2018-12-28 | 6.4 MEDIUM | 9.8 CRITICAL |
| An Unverified Password Change vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 which could allow an unauthenticated remote user to access the password delete function of the web server. | |||||
| CVE-2018-17881 | 1 D-link | 2 Dir-823g, Dir-823g Firmware | 2018-12-17 | 5.0 MEDIUM | 9.8 CRITICAL |
| On D-Link DIR-823G 2018-09-19 devices, the GoAhead configuration allows /HNAP1 SetPasswdSettings commands without authentication to trigger an admin password change. | |||||
| CVE-2018-1000501 | 1 Instant-update | 1 Instant Update Cms | 2018-08-30 | 7.5 HIGH | 9.8 CRITICAL |
| Instant Update CMS contains a Password Reset Vulnerability vulnerability in /iu-application/controllers/administration/auth.php that can result in Account Tackover. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in v0.3.3. | |||||
| CVE-2018-1000554 | 1 Trovebox | 1 Trovebox | 2018-08-17 | 5.0 MEDIUM | 9.8 CRITICAL |
| Trovebox version <= 4.0.0-rc6 contains a Unsafe password reset token generation vulnerability in user component that can result in Password reset. This attack appear to be exploitable via HTTP request. This vulnerability appears to have been fixed in after commit 742b8ed. | |||||
| CVE-2018-12421 | 1 Ltb-project | 1 Ldap Tool Box Self Service Password | 2018-08-10 | 5.0 MEDIUM | 9.8 CRITICAL |
| LTB (aka LDAP Tool Box) Self Service Password before 1.3 allows a change to a user password (without knowing the old password) via a crafted POST request, because the ldap_bind return value is mishandled and the PHP data type is not constrained to be a string. | |||||
| CVE-2018-10081 | 1 Cmsmadesimple | 1 Cms Made Simple | 2018-04-17 | 5.0 MEDIUM | 9.8 CRITICAL |
| CMS Made Simple (CMSMS) through 2.2.6 contains an admin password reset vulnerability because data values are improperly compared, as demonstrated by a hash beginning with the "0e" substring. | |||||
| CVE-2017-17097 | 1 Gps-server | 1 Gps Tracking Software | 2018-01-18 | 5.0 MEDIUM | 9.8 CRITICAL |
| gps-server.net GPS Tracking Software (self hosted) 2.x has a password reset procedure that immediately resets passwords upon an unauthenticated request, and then sends e-mail with a predictable (date-based) password to the admin, which makes it easier for remote attackers to obtain access by predicting this new password. This is related to the use of gmdate for password creation in fn_connect.php. | |||||
| CVE-2017-7551 | 1 Fedoraproject | 1 389 Directory Server | 2018-01-05 | 5.0 MEDIUM | 9.8 CRITICAL |
| 389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks during account lockout due to different return codes returned on password attempts. | |||||
| CVE-2017-2766 | 1 Emc | 1 Documentum Eroom | 2017-03-09 | 7.5 HIGH | 9.8 CRITICAL |
| EMC Documentum eRoom version 7.4.4, EMC Documentum eRoom version 7.4.4 SP1, EMC Documentum eRoom version prior to 7.4.5 P04, EMC Documentum eRoom version prior to 7.5.0 P01 includes an unverified password change vulnerability that could potentially be exploited by malicious users to compromise the affected system. | |||||