172 matches found
Design/Logic Flaw
HumHub is an Open Source Enterprise Social Network. In affected versions users who are forced to change their password by an administrator may retrieve other users' data. This issue has been resolved by commit eb83de20. It is recommended that the HumHub is upgraded to 1.11.0, 1.10.4 or 1.9.4. The...
CVE-2022-24865 Improper access control in humhub
HumHub is an Open Source Enterprise Social Network. In affected versions users who are forced to change their password by an administrator may retrieve other users' data. This issue has been resolved by commit eb83de20. It is recommended that the HumHub is upgraded to 1.11.0, 1.10.4 or 1.9.4. The...
CVE-2022-24865
CVE-2022-24865 affects HumHub (Open Source Enterprise Social Network) with an improper access control vulnerability allowing a forced-password-change flow to let an attacker retrieve other users’ data. The issue has a fixed commit eb83de20 and remediation guidance recommends upgrading HumHub to 1...
CVE-2022-24865 Improper access control in humhub
HumHub is an Open Source Enterprise Social Network. In affected versions users who are forced to change their password by an administrator may retrieve other users' data. This issue has been resolved by commit eb83de20. It is recommended that the HumHub is upgraded to 1.11.0, 1.10.4 or 1.9.4. The...
CVE-2022-24865 Improper access control in humhub
HumHub is an Open Source Enterprise Social Network. In affected versions users who are forced to change their password by an administrator may retrieve other users' data. This issue has been resolved by commit eb83de20. It is recommended that the HumHub is upgraded to 1.11.0, 1.10.4 or 1.9.4. The...
HumHub 安全漏洞
Humhub is a set of open source social networking software written on the Yii PHP framework. HumHub has a security vulnerability that stems from the fact that users who are forced by administrators to change their passwords may be able to retrieve data from other users. No detailed vulnerability...
CVE-2021-43847
HumHub is an open-source social network kit written in PHP. Prior to HumHub version 1.10.3 or 1.9.3, it could be possible for registered users to become unauthorized members of private Spaces. Versions 1.10.3 and 1.9.3 contain a patch for this issue...
CVE-2021-43847
HumHub is an open-source social network kit written in PHP. Prior to HumHub version 1.10.3 or 1.9.3, it could be possible for registered users to become unauthorized members of private Spaces. Versions 1.10.3 and 1.9.3 contain a patch for this issue...
CVE-2021-43847
HumHub (PHP open-source social network kit) is affected by CVE-2021-43847. The issue allowed registered users to become unauthorized members of private Spaces prior to versions 1.10.3 and 1.9.3. A patch was released in HumHub 1.10.3 and 1.9.3 to address this authorization bypass. The available co...
CVE-2021-43847 Authorization Bypass in Space Invite in HumHub
HumHub is an open-source social network kit written in PHP. Prior to HumHub version 1.10.3 or 1.9.3, it could be possible for registered users to become unauthorized members of private Spaces. Versions 1.10.3 and 1.9.3 contain a patch for this issue...
HumHub 授权问题漏洞
Humhub is a set of open source social networking software written on the Yii PHP framework. HumHub suffers from an authorization issue vulnerability that stems from the possibility of registered users becoming unauthorized members of a private space. No detailed vulnerability details are availabl...
PT-2021-23977 · Humhub · Humhub
Name of the Vulnerable Software and Affected Versions: HumHub versions prior to 1.10.3 HumHub versions prior to 1.9.3 Description: HumHub is an open-source social network kit written in PHP. Prior to certain versions, it could be possible for registered users to become unauthorized members of...
in humhub/humhub
Description Hello guys, hope you are having an awesome day! 🤗 HumHub has a functionality for spaces where you define that only invited users will be able to join a space. Private spaces come with this option but you can also define it for public ones. While a user is creating a space, this user i...
HumHub Social Network Kit Enterprise Information Disclosure Vulnerability
HumHub Social Network Kit Enterprise is an open source social networking kit. version 1.3.13 of HumHub Social Network Kit Enterprise contains an information disclosure vulnerability that stems from a configuration or other error in the operation of the network system or product, which could be...
CVE-2019-12743
HumHub Social Network Kit Enterprise v1.3.13 allows remote attackers to find the user accounts existing on any Social Network Kits including self-hosted ones by brute-forcing the username after the /u/ initial URI substring, aka Response Discrepancy Information Exposure...
CVE-2019-12743
HumHub Social Network Kit Enterprise v1.3.13 allows remote attackers to find the user accounts existing on any Social Network Kits including self-hosted ones by brute-forcing the username after the /u/ initial URI substring, aka Response Discrepancy Information Exposure...
Design/Logic Flaw
HumHub Social Network Kit Enterprise v1.3.13 allows remote attackers to find the user accounts existing on any Social Network Kits including self-hosted ones by brute-forcing the username after the /u/ initial URI substring, aka Response Discrepancy Information Exposure...
CVE-2019-12743
HumHub Social Network Kit Enterprise v1.3.13 allows remote attackers to find the user accounts existing on any Social Network Kits including self-hosted ones by brute-forcing the username after the /u/ initial URI substring, aka Response Discrepancy Information Exposure...
CVE-2019-12743
CVE-2019-12743 affects HumHub Social Network Kit Enterprise v1.3.13. The issue is an information disclosure: an attacker can enumerate existing user accounts by brute-forcing usernames after the /u/ URI substring (Response Discrepancy Information Exposure). Exploitation is remote over the network...
Humhub Directory Traversal Vulnerability
HumHub is a free and open source social networking software , written on the Yii PHP framework , provides an easy-to-use toolkit for creating and launching your own social network . Humhub suffers from a directory traversal vulnerability. An attacker can exploit the vulnerability to obtain...