Lucene search
K

78 matches found

NVD
NVD
added 2026/05/10 1:16 p.m.22 views

CVE-2021-47946

OpenCart 3.0.3.6 contains a cross-site request forgery vulnerability in the /account/edit endpoint that allows unauthenticated attackers to modify victim account details by tricking users into visiting malicious pages. Attackers can craft CSRF payloads that change victim email addresses and accou...

6.9CVSS0.00151EPSS
Exploits0References4
Patchstack
Patchstack
added 2026/02/16 6:38 p.m.5 views

WordPress Paytium: Mollie payment forms & donations plugin <= 4.3.7 - Missing Authorization in 'check_mollie_account_details' vulnerability

Missing Authorization in 'checkmollieaccountdetails' vulnerability discovered by WordFence in WordPress Plugin Paytium versions = 4.3.7...

4.3CVSS5.5AI score0.00242EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/29 12:0 a.m.6 views

PT-2026-5282

Name of the Vulnerable Software and Affected Versions Liman version 0.7 Description The software contains a cross-site request forgery issue that allows attackers to manipulate user account settings without proper request validation. Attackers can create malicious HTML forms to change user...

5.3CVSS5.2AI score0.00162EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/01/15 11:25 p.m.29 views

CVE-2021-47800 b2evolution 7.2.2 - 'edit account details' Cross-Site Request Forgery (CSRF)

b2evolution 7.2.2 contains a cross-site request forgery vulnerability that allows attackers to modify admin account details without authentication. Attackers can craft a malicious HTML form to submit unauthorized changes to user profiles by tricking victims into loading a specially crafted webpag...

6.9CVSS0.00155EPSS
Exploits0References5
Malwarebytes
Malwarebytes
added 2026/01/07 12:19 p.m.5 views

One million customers on alert as extortion group claims massive Brightspeed data haul

US fiber broadband company Brightspeed is investigating claims by the Crimson Collective extortion group that it stole sensitive data belonging to more than 1 million residential customers, including extensive personally identifiable information PII, as well as account and billing details...

6.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/07 9:30 a.m.5 views

CVE-2019-16133

An issue was discovered in eteams OA v4.0.34. Because the session is not strictly checked, the account names and passwords of all employees in the company can be obtained by an ordinary account. Specifically, the attacker sends a jsessionid value for URIs under app/profile/summary/...

6.5CVSS6.9AI score0.01025EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2025/11/09 2:27 a.m.3 views

SUSE CVE-2016-11080

An issue was discovered in Mattermost Server before 3.0.0. It offers superfluous APIs for a Team Administrator to view account details...

4.3CVSS6.9AI score0.00651EPSS
Exploits0References2
OSV
OSV
added 2025/10/30 3:2 p.m.5 views

GO-2025-4063 Mattermost Server exposes account details to any Team Administrator in github.com/mattermost/mattermost-server

Mattermost Server exposes account details to any Team Administrator in github.com/mattermost/mattermost-server...

4.3CVSS7AI score0.00651EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-5090

Malware in sbrugna...

4.3CVSS6.4AI score0.00556EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-2069

Malware in sbrugna...

4.3CVSS4.9AI score0.00651EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-18296

Malware in sbrugna...

6.1CVSS6.3AI score0.00632EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-30208

Malware in sbrugna...

4.3CVSS4.8AI score0.00724EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-5803

Malware in sbrugna...

3.5CVSS6.4AI score0.00688EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-18295

Malware in sbrugna...

9.8CVSS9.5AI score0.01035EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-15108

Malware in sbrugna...

4.3CVSS4.7AI score0.17883EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-51667

Malicious code in bioql PyPI...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References1
NVD
NVD
added 2025/09/15 2:15 p.m.15 views

CVE-2025-56710

A Cross-Site Request Forgery CSRF vulnerability was identified in the Profile Page of the PHPGurukul Student-Result-Management-System-Using-PHP-V2.0. This flaw allows an attacker to trick authenticated users into unintentionally modifying their account details. By crafting a malicious HTML page, ...

7.3CVSS0.00183EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/09/15 12:0 a.m.3 views

CVE-2025-56710

A Cross-Site Request Forgery CSRF vulnerability was identified in the Profile Page of the PHPGurukul Student-Result-Management-System-Using-PHP-V2.0. This flaw allows an attacker to trick authenticated users into unintentionally modifying their account details. By crafting a malicious HTML page, ...

6.1AI score0.00183EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/09/15 12:0 a.m.5 views

PT-2025-37487

Name of the Vulnerable Software and Affected Versions: PHPGurukul Student-Result-Management-System-Using-PHP-V2.0 version 2.0 Description: A Cross-Site Request Forgery CSRF flaw exists in the Profile Page of the software. This allows an attacker to trick authenticated users into unintentionally...

7.3CVSS6.1AI score0.00183EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/22 11:10 p.m.6 views

CVE-2022-30834

Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/clientmanageaccountdetails.php?bookingid=31id=...

7.2CVSS8.1AI score0.00958EPSS
Exploits1References1
Rows per page
Query Builder