6 matches found
CVE-2020-27422
In Anuko Time Tracker v1.19.23.5311, the password reset link emailed to the user doesn't expire once used, allowing an attacker to use the same link to takeover the account...
Anuko Time Tracker 1.19.23.5311 - Password Reset leading to Account Takeover
Exploit Title: Anuko Time Tracker 1.19.23.5311 - Password Reset Vulnerability leading to Account Takeover Date: 2020-11-11 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://www.anuko.com/ Software Link: https://www.anuko.com/time-tracker/index.htm Version: 1.19.23.5311 Tested on: Kali...
CVE-2020-27422
creationtimestamp| type| source ---|---|--- 2020-11-16 18:37:35+00:00| seen| https://t.me/cibsecurity/16348...
CVE-2020-27422
In Anuko Time Tracker v1.19.23.5311, the password reset link emailed to the user doesn't expire once used, allowing an attacker to use the same link to takeover the account...
CVE-2020-27422
CVE-2020-27422 affects Anuko Time Tracker v1.19.23.5311, where the password reset link sent by email does not expire after use, enabling an attacker to reuse the same link to take over a victim’s account. The vulnerability is evidenced in multiple sources (including exploit reports) and is mitiga...
Anuko Time Tracker 1.19.23.5311 Password Reset
Exploit Title: Anuko Time Tracker 1.19.23.5311 Password Reset Vulnerability leading to Account Takeover Date: 2020-11-11 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://www.anuko.com/ Software Link: https://www.anuko.com/time-tracker/index.htm Version Tested: 1.19.23.5311 Patched...