EUVD-2026-6121

A vulnerability was identified in vichan-devel vichan up to 5.1.5. This vulnerability affects unknown code of the file inc/mod/pages.php of the component Password Change Handler. The manipulation of the argument Password leads to unverified password change. The attack can be initiated remotely. T...

vichan 授权问题漏洞

Vichan is an open-source PHP image panel developed by vichan-devel. Versions of Vichan 5.1.5 and earlier have a vulnerability related to authorization issues. This vulnerability stems from the handling of the Password parameter by the Password Change Handler component in the inc/mod/pages.php fil...

PT-2026-8317

A vulnerability was identified in vichan-devel vichan up to 5.1.5. This vulnerability affects unknown code of the file inc/mod/pages.php of the component Password Change Handler. The manipulation of the argument Password leads to unverified password change. The attack can be initiated remotely. T...

EUVD-2023-44396

Malicious code in bioql PyPI...

EUVD-2025-12436

Malicious code in bioql PyPI...

EUVD-2025-16626

Malicious code in bioql PyPI...

CVE-2025-5437

The CVE-2025-5437 vulnerability affects Multilaser Sirius RE016 MLT1.0 in the Password Change Handler component, specifically the file /cgi-bin/cstecgi.cgi. The issue arises from manipulation of an unknown function, causing improper authentication. It can be exploited remotely and exploits have b...

PT-2025-23481 · Multilaser · Multilaser Sirius Re016 Mlt1.0

Name of the Vulnerable Software and Affected Versions: Multilaser Sirius RE016 MLT1.0 Description: A critical issue has been found in the Password Change Handler component, specifically in the /cgi-bin/cstecgi.cgi file. The manipulation of an unknown function leads to improper authentication,...

CVE-2024-7161

A vulnerability classified as problematic was found in SeaCMS 13.0. Affected by this vulnerability is an unknown functionality of the file /member.php?action=chgpwdsubmit of the component Password Change Handler. The manipulation of the argument newpwd/newpwd2 leads to cross-site request forgery...

CVE-2023-3761

A vulnerability was found in Intergard SGS 8.7.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Password Change Handler. The manipulation leads to cleartext transmission of sensitive information. The attack may be launched remotely. The...

CVE-2025-3979

A vulnerability classified as problematic has been found in dazhouda lecms 3.0.3. This affects an unknown part of the file /index.php?my-password-ajax-1 of the component Password Change Handler. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely...

CVE-2025-3979 dazhouda lecms Password Change index.php cross-site request forgery

A vulnerability classified as problematic has been found in dazhouda lecms 3.0.3. This affects an unknown part of the file /index.php?my-password-ajax-1 of the component Password Change Handler. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely...

PT-2025-18007 · Unknown · Dazhouda Lecms

Name of the Vulnerable Software and Affected Versions: dazhouda lecms version 3.0.3 Description: A problematic issue has been found in the Password Change Handler component, affecting the /index.php?my-password-ajax-1 file. This leads to cross-site request forgery and can be initiated remotely. T...

CVE-2024-7226

A vulnerability was found in SourceCodester Medicine Tracker System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /classes/Users.php?f=saveuser of the component Password Change Handler. The manipulation leads to cross-site request forgery. The attac...

CVE-2024-7226

A vulnerability was found in SourceCodester Medicine Tracker System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /classes/Users.php?f=saveuser of the component Password Change Handler. The manipulation leads to cross-site request forgery. The attac...

CVE-2024-7226

CVE-2024-7226 refers to a cross-site request forgery in SourceCodester Medicine Tracker System 1.0, affecting the code path /classes/Users.php?f=save_user within the Password Change Handler. The vulnerability is triggered remotely and can be exploited after a user visit, with the exploit reported...

CVE-2024-7226 SourceCodester Medicine Tracker System Password Change cross-site request forgery

A vulnerability was found in SourceCodester Medicine Tracker System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /classes/Users.php?f=saveuser of the component Password Change Handler. The manipulation leads to cross-site request forgery. The attac...

CVE-2024-7161

A vulnerability classified as problematic was found in SeaCMS 13.0. Affected by this vulnerability is an unknown functionality of the file /member.php?action=chgpwdsubmit of the component Password Change Handler. The manipulation of the argument newpwd/newpwd2 leads to cross-site request forgery...

CVE-2024-7161

A vulnerability classified as problematic was found in SeaCMS 13.0. Affected by this vulnerability is an unknown functionality of the file /member.php?action=chgpwdsubmit of the component Password Change Handler. The manipulation of the argument newpwd/newpwd2 leads to cross-site request forgery...

PT-2024-38123 · Seacms · Seacms

Name of the Vulnerable Software and Affected Versions: SeaCMS version 13.0 Description: A problematic issue was found in the Password Change Handler component, specifically in the /member.php?action=chgpwdsubmit file. The manipulation of the newpwd and newpwd2 arguments leads to cross-site reques...