Lucene search
K

10150 matches found

Nuclei
Nuclei
added yesterday10 views

LiquidFiles < 4.2 - User Enumeration via Password Reset

LiquidFiles filetransfer server before 4.2 contains a user enumeration vulnerability caused by distinguishable responses in password reset functionality, letting unauthenticated attackers enumerate valid user accounts, exploit requires no authentication. id: CVE-2025-56132 info: name: LiquidFiles...

7.3CVSS5.9AI score0.00648EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday140 views

GitLab GraphQL API User Enumeration

An unauthenticated remote attacker can leverage this vulnerability to collect registered GitLab usernames, names, and email addresses. id: CVE-2021-4191 info: name: GitLab GraphQL API User Enumeration author: zsusac severity: medium description: An unauthenticated remote attacker can leverage thi...

5.3CVSS7AI score0.80004EPSS
Exploits4References5
Nuclei
Nuclei
added yesterday47 views

Jira - Incorrect Authorization

Jira before version 7.13.3, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 is susceptible to an incorrect authorization check in the /rest/api/2/user/picker rest resource, enabling an attacker to enumerate usernames and gain improper access. id: CVE-2019-3403...

5.3CVSS6.5AI score0.52637EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday26 views

Zoho ManageEngine ADSelfService Plus 6121 - Username Enumeration

Zoho ManageEngine ADSelfService Plus 6121 is vulnerable to username enumeration CVE-2022-28987. The Forgot Password functionality responds differently for existing and non-existing users, allowing attackers to enumerate valid usernames. id: CVE-2022-28987 info: name: Zoho ManageEngine ADSelfServi...

5.3CVSS6.1AI score0.09705EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday72 views

TerraMaster TOS < 4.2.06 - User Enumeration

User Enumeration vulnerability in TerraMaster TOS = 4.2.06 allows remote unauthenticated attackers to identify valid users within the system via the username parameter to wizard/initialise.php. id: CVE-2020-28185 info: name: TerraMaster TOS 4.2.06 - User Enumeration author: pussycat0x severity:...

5.3CVSS6.2AI score0.18066EPSS
Exploits1References5
NVD
NVD
added 2 days ago6 views

CVE-2026-59712

Leantime's Users::getUser method in the JSON-RPC API lacks proper authorization checks, allowing authenticated users to retrieve full user credential rows including password hashes, TOTP secrets, and session tokens. Attackers can exploit this by calling users.getUser with arbitrary user IDs to...

8.6CVSS0.0025EPSS
Exploits0References4
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41942

Leantime's Users::getUser method in the JSON-RPC API lacks proper authorization checks, allowing authenticated users to retrieve full user credential rows including password hashes, TOTP secrets, and session tokens. Attackers can exploit this by calling users.getUser with arbitrary user IDs to...

8.6CVSS6AI score0.0025EPSS
Exploits0References4
Cvelist
Cvelist
added 2 days ago32 views

CVE-2026-59712 Leantime - Credential Disclosure via Unauthenticated JSON-RPC users.getUser Method

Leantime's Users::getUser method in the JSON-RPC API lacks proper authorization checks, allowing authenticated users to retrieve full user credential rows including password hashes, TOTP secrets, and session tokens. Attackers can exploit this by calling users.getUser with arbitrary user IDs to...

8.6CVSS0.0025EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2 days ago4 views

CVE-2026-59712 Leantime - Credential Disclosure via Unauthenticated JSON-RPC users.getUser Method

Leantime's Users::getUser method in the JSON-RPC API lacks proper authorization checks, allowing authenticated users to retrieve full user credential rows including password hashes, TOTP secrets, and session tokens. Attackers can exploit this by calling users.getUser with arbitrary user IDs to...

8.6CVSS6AI score0.0025EPSS
Exploits0References4
CVE
CVE
added 2 days ago9 views

CVE-2026-59712

According to the connected NVD records, CVE-2026-59712 affects Leantime’s JSON-RPC API via the Users::getUser method. The vulnerability arises from missing authorization checks, enabling authenticated users to call users.getUser with arbitrary user IDs and enumerate accounts. The outcome is expos...

8.6CVSS6AI score0.0025EPSS
Exploits0References4
OSV
OSV
added 5 days ago3 views

UBUNTU-CVE-2026-53422

Observable Response Discrepancy vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to enumerate the existence of files and directories outside the configured root directory. The SSHFXPREALPATH handler in sshsftpd calls relatefilename/3 with Canonicalize=false, unlik...

2.3CVSS6AI score0.00333EPSS
Exploits0References12
NVD
NVD
added 6 days ago7 views

CVE-2026-53422

Observable Response Discrepancy vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to enumerate the existence of files and directories outside the configured root directory. The SSHFXPREALPATH handler in sshsftpd calls relatefilename/3 with Canonicalize=false, unlik...

4.3CVSS0.00333EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 6 days ago10 views

CVE-2026-53422 SFTP REALPATH path-existence oracle allowing filesystem enumeration outside configured root

Observable Response Discrepancy vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to enumerate the existence of files and directories outside the configured root directory. The SSHFXPREALPATH handler in sshsftpd calls relatefilename/3 with Canonicalize=false, unlik...

2.3CVSS5.8AI score0.00333EPSS
Exploits0References7
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-41410

Observable Response Discrepancy vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to enumerate the existence of files and directories outside the configured root directory. The SSHFXPREALPATH handler in sshsftpd calls relatefilename/3 with Canonicalize=false, unlik...

2.3CVSS5.8AI score0.00333EPSS
Exploits0References7
OSV
OSV
added 6 days ago3 views

GHSA-G5VH-55HW-RXM8 GoFiber Vulnerable to Username Enumeration via Timing Oracle in BasicAuth Default Authorizer

Summary The default Authorizer function in GoFiber's BasicAuth middleware uses short-circuit evaluation that skips password hash comparison for non-existent usernames. With bcrypt-hashed passwords the primary use case, the timing difference between a valid and invalid username is approximately...

5.3CVSS5.9AI score
Exploits0References2
NVD
NVD
added 2026/07/01 1:17 p.m.10 views

CVE-2026-53908

MCO is vulnerable to User Enumeration through authentication-related functionalities. The application returns distinguishable responses for valid and invalid users during username reminder and password reset operations. An attacker can leverage these differences to enumerate valid usernames and...

6.9CVSS0.00211EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/01 11:59 a.m.7 views

EUVD-2026-40954

MCO is vulnerable to User Enumeration through authentication-related functionalities. The application returns distinguishable responses for valid and invalid users during username reminder and password reset operations. An attacker can leverage these differences to enumerate valid usernames and...

7.1CVSS5.8AI score0.00211EPSS
Exploits0References2
CVE
CVE
added 2026/07/01 11:59 a.m.21 views

CVE-2026-53908

CVE-2026-53908 affects MCO. The vulnerability enables user enumeration via authentication-related functions: username reminder and password reset responses differ for valid vs invalid users, allowing an attacker to discover valid usernames and email addresses. Vulnerable context: confirmed in ver...

6.9CVSS5.8AI score0.00211EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/07/01 11:58 a.m.8 views

EUVD-2026-40949

MCO is vulnerable to an Insecure Direct Object Reference IDOR vulnerability in the /customer/servlet/mco/webapi/trading-document/fetchPdfStatement endpoint. The application does not properly validate whether an authenticated user is authorized to access a requested document, allowing direct...

7.1CVSS5.8AI score0.00244EPSS
Exploits0References2
NVD
NVD
added 2026/07/01 7:16 a.m.9 views

CVE-2026-10750

The Royal MCP WordPress plugin before 1.4.26 does not perform capability checks on the majority of its MCP tools after token authentication, allowing authenticated users with a low-privileged role such as Subscriber to read private content, enumerate all users and their roles, and create, modify,...

8.1CVSS0.00267EPSS
Exploits0References1
Rows per page
Query Builder