Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2011-4510

Malware in sbrugna...

5CVSS6.1AI score0.02118EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2018-1000528

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GONICUS GOsa version before commit 56070d6289d47ba3f5918885954dcceb75606001 contains a Cross Site Scripting XSS vulnerability in change password form...

6.1CVSS7AI score0.46323EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/27 12:0 a.m.3 views

PT-2024-40391 · Packagist · Silverstripe/Framework

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue arises after a password reset, where the ChangePasswordForm::doChangePassword function logs in the user without checking Member::canLogIn. This...

4.3CVSS7.1AI score
Exploits0References8
NOZOMI
NOZOMI
added 2020/05/26 12:0 a.m.7 views

Cross-site request forgery attack on change password form

Summary Change password doesn't validate CSRF token properly. Impact An attacker can force the victim to change password without knowing. To successfully complete this attack the victim needs to be logged to the Guardian/CMC and visit a special prepared page containing the forged change password...

8.8CVSS6.9AI score
Exploits0Affected Software2
Github Security Blog
Github Security Blog
added 2019/11/12 11:1 p.m.28 views

Session fixation in change password form

SilverStripe through 4.3.3 allows session fixation in the "change password" form...

6.3CVSS2.9AI score0.0038EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2019/09/20 2:15 p.m.2 views

CVE-2019-15085

An issue was discovered in PRiSE adAS 1.7.0. The current database password is embedded in the change password form...

7.5CVSS7.1AI score0.01371EPSS
Exploits0References2
NVD
NVD
added 2019/09/20 2:15 p.m.16 views

CVE-2019-15085

An issue was discovered in PRiSE adAS 1.7.0. The current database password is embedded in the change password form...

7.5CVSS7.6AI score0.01371EPSS
Exploits0References2
Prion
Prion
added 2019/09/20 2:15 p.m.13 views

Default credentials

An issue was discovered in PRiSE adAS 1.7.0. The current database password is embedded in the change password form...

5CVSS7.6AI score0.01371EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/09/20 1:41 p.m.14 views

CVE-2019-15085

An issue was discovered in PRiSE adAS 1.7.0. The current database password is embedded in the change password form...

7.7AI score0.01371EPSS
Exploits0References2
CNVD
CNVD
added 2018/08/22 12:0 a.m.2 views

Open Microscopy Environment OMERO.web Information Disclosure Vulnerability

Open Microscopy Environment OMERO.web is a set of open source image management platform for Web applications. The platform supports a variety of image file formats , and image management , viewing and editing operations . An information disclosure vulnerability exists in the login form and change...

7.2CVSS6.8AI score0.01219EPSS
Exploits0References1
OSV
OSV
added 2018/06/26 4:29 p.m.1 views

DEBIAN-CVE-2018-1000528

GONICUS GOsa version before commit 56070d6289d47ba3f5918885954dcceb75606001 contains a Cross Site Scripting XSS vulnerability in change password form html/password.php, 308 that can result in injection of arbitrary web script or HTML. This attack appear to be exploitable via the victim must open ...

6.1CVSS6.8AI score0.46323EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2018/06/26 4:29 p.m.14 views

CVE-2018-1000528

GONICUS GOsa version before commit 56070d6289d47ba3f5918885954dcceb75606001 contains a Cross Site Scripting XSS vulnerability in change password form html/password.php, 308 that can result in injection of arbitrary web script or HTML. This attack appear to be exploitable via the victim must open ...

6.1CVSS6.8AI score0.46323EPSS
Exploits0References4
OSV
OSV
added 2018/06/26 4:29 p.m.9 views

UBUNTU-CVE-2018-1000528

GONICUS GOsa version before commit 56070d6289d47ba3f5918885954dcceb75606001 contains a Cross Site Scripting XSS vulnerability in change password form html/password.php, 308 that can result in injection of arbitrary web script or HTML. This attack appear to be exploitable via the victim must open ...

6.1CVSS6.8AI score0.46323EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2018/06/26 4:0 p.m.21 views

CVE-2018-1000528

GONICUS GOsa version before commit 56070d6289d47ba3f5918885954dcceb75606001 contains a Cross Site Scripting XSS vulnerability in change password form html/password.php, 308 that can result in injection of arbitrary web script or HTML. This attack appear to be exploitable via the victim must open ...

6.1CVSS6.5AI score0.46323EPSS
Exploits0
Cvelist
Cvelist
added 2018/06/26 4:0 p.m.19 views

CVE-2018-1000528

GONICUS GOsa version before commit 56070d6289d47ba3f5918885954dcceb75606001 contains a Cross Site Scripting XSS vulnerability in change password form html/password.php, 308 that can result in injection of arbitrary web script or HTML. This attack appear to be exploitable via the victim must open ...

6.4AI score0.46323EPSS
Exploits0References4
NVD
NVD
added 2012/07/20 10:40 a.m.18 views

CVE-2011-4585

login/changepassword.php in Moodle 1.9.x before 1.9.15 does not use https for the change-password form even if the httpslogin option is enabled, which allows remote attackers to obtain credentials by sniffing the network...

5CVSS6.3AI score0.02118EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2012/07/20 12:0 a.m.3 views

PT-2012-1917 · Moodle · Moodle

Name of the Vulnerable Software and Affected Versions: Moodle versions 1.9.x through 1.9.14 Description: The issue concerns the change-password form in the login/change password.php file. It does not utilize https for encryption, even when the httpslogin option is enabled. This oversight allows...

5CVSS6.3AI score0.02118EPSS
Exploits0References6
Rows per page
Query Builder