Lucene search
+L

188 matches found

NVD
NVD
added 2026/03/11 9:16 p.m.5 views

CVE-2026-32103

StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.3, the POST /studiocmsapi/dashboard/create-reset-link endpoint allows any authenticated user with admin privileges to generate a password reset token for any other user, including the owner account...

7.2CVSS0.00344EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/11 6:37 p.m.1 views

CVE-2026-31881 Runtipi unauthenticated /api/auth/reset-password allows operator account takeover during active reset window

Runtipi is a personal homeserver orchestrator. Prior to 4.8.0, an unauthenticated attacker can reset the operator admin password when a password-reset request is active, resulting in full account takeover. The endpoint POST /api/auth/reset-password is exposed without authentication/authorization...

7.7CVSS5.9AI score0.0043EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/03/11 6:37 p.m.32 views

CVE-2026-31881 Runtipi unauthenticated /api/auth/reset-password allows operator account takeover during active reset window

Runtipi is a personal homeserver orchestrator. Prior to 4.8.0, an unauthenticated attacker can reset the operator admin password when a password-reset request is active, resulting in full account takeover. The endpoint POST /api/auth/reset-password is exposed without authentication/authorization...

7.7CVSS0.0043EPSS
Exploits1References1
OSV
OSV
added 2026/03/05 9:58 p.m.5 views

GHSA-JC5M-WRP2-QQ38 Flowise Vulnerable to PII Disclosure on Unauthenticated Forgot Password Endpoint

Summary The /api/v1/account/forgot-password endpoint returns the full user object including PII id, name, email, status, timestamps in the response body instead of a generic success message. This exposes sensitive user information to unauthenticated attackers who only need to know a valid email...

6.9CVSS5.9AI score0.00328EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/05 9:58 p.m.16 views

Flowise Vulnerable to PII Disclosure on Unauthenticated Forgot Password Endpoint

Summary The /api/v1/account/forgot-password endpoint returns the full user object including PII id, name, email, status, timestamps in the response body instead of a generic success message. This exposes sensitive user information to unauthenticated attackers who only need to know a valid email...

5.9AI score
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/03/02 4:16 p.m.8 views

EUVD-2026-9207

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, the password forgot endpoint returned different responses for registered and unregistered emails, allowing user enumeration. This issue has been patched in version 0.301.3...

6.9CVSS5.8AI score0.00601EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/02 12:0 a.m.5 views

PT-2026-22629

Name of the Vulnerable Software and Affected Versions NocoDB versions prior to 0.301.3 Description NocoDB is software for building databases as spreadsheets. The password forgot endpoint returns different responses for registered and unregistered emails, allowing user enumeration. The...

6.9CVSS5.9AI score0.00601EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/02/20 12:0 a.m.8 views

PT-2026-21315

LabCollector 5.423 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL commands by injecting malicious code through POST parameters. Attackers can submit crafted SQL payloads in the login parameter of login.php or the user name parameter o...

8.8CVSS6.4AI score0.00478EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/02/19 12:0 a.m.2 views

CVE-2026-26744

A user enumeration vulnerability exists in FormaLMS 4.1.18 and below in the password recovery functionality accessible via the /lostpwd endpoint. The application returns different error messages for valid and invalid usernames allowing an unauthenticated attacker to determine which usernames are...

5.5AI score0.00293EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/19 12:0 a.m.1 views

CVE-2026-26744

A user enumeration vulnerability exists in FormaLMS 4.1.18 and below in the password recovery functionality accessible via the /lostpwd endpoint. The application returns different error messages for valid and invalid usernames allowing an unauthenticated attacker to determine which usernames are...

5.5AI score0.00293EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/19 12:0 a.m.24 views

CVE-2026-26744

A user enumeration vulnerability exists in FormaLMS 4.1.18 and below in the password recovery functionality accessible via the /lostpwd endpoint. The application returns different error messages for valid and invalid usernames allowing an unauthenticated attacker to determine which usernames are...

0.00293EPSS
Exploits0References2
OSV
OSV
added 2026/02/07 10:15 a.m.3 views

CVE-2026-2081

A vulnerability was determined in D-Link DIR-823X 250416. The affected element is an unknown function of the file /goform/setpassword. This manipulation of the argument httppasswd causes os command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclos...

7.2CVSS5.6AI score
Exploits0References6
Packet Storm
Packet Storm
added 2026/02/05 12:0 a.m.171 views

📄 Casdoor 2.284.0 / 2.285.0 Cross Site Request Forgery

Casdoor versions 2.284.0 and 2.285.0 suffer a cross site request forgery vulnerability that was originally discovered in an earlier version but has not been addressed. Related CVE number: CVE-2023-34927. Exploit Title: Casdoor v2.284.0 2026-02-03 & v2.285.0 2026-02-03 - Cross-Site Request Forgery...

6.5CVSS5AI score0.03093EPSS
Exploits10
Packet Storm
Packet Storm
added 2026/02/03 12:0 a.m.174 views

📄 Casdoor 2.283.0 Cross Site Request Forgery

Casdoor version 2.283.0 suffers from a cross site request forgery vulnerability. Related CVE number: CVE-2023-34927. Exploit Title: Casdoor v2.283.0 2026-02-02 - Cross-Site Request Forgery CSRF Application: Casdoor Version: v2.283.0 Date: 03/02/2026 Exploit Author: Van Lam Nguyen Facebook:...

6.5CVSS5AI score0.03093EPSS
Exploits10
Packet Storm
Packet Storm
added 2026/02/02 12:0 a.m.170 views

📄 Appsmith 1.92 Origin Header Injection

A critical vulnerability in Appsmith version 1.92 allows an unauthenticated attacker to manipulate the Origin HTTP header during the password reset process. Due to improper trust in client‑supplied headers, Appsmith constructs password reset links based on the injected origin. This enables an...

9.6CVSS5.7AI score0.00393EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2026/01/13 10:52 p.m.6 views

CVE-2026-22604

OpenProject is an open-source, web-based project management software. For OpenProject versions from 11.2.1 to before 16.6.2, when sending a POST request to the /account/changepassword endpoint with an arbitrary User ID as the passwordchangeuserid parameter, the resulting error page would show the...

6.9CVSS6.8AI score0.00254EPSS
Exploits0References1
NVD
NVD
added 2026/01/10 2:15 a.m.8 views

CVE-2026-22604

OpenProject is an open-source, web-based project management software. For OpenProject versions from 11.2.1 to before 16.6.2, when sending a POST request to the /account/changepassword endpoint with an arbitrary User ID as the passwordchangeuserid parameter, the resulting error page would show the...

6.9CVSS0.00254EPSS
Exploits0References4
CVE
CVE
added 2026/01/10 1:7 a.m.22 views

CVE-2026-22604

OpenProject (web-based project management software) is affected in versions 11.2.1 through 16.6.1. A flaw exists in the unauthenticated POST request to the /account/change_password endpoint where providing an arbitrary password_change_user_id reveals the username of the targeted account, enabling...

6.9CVSS6.5AI score0.00254EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/10 1:6 a.m.4 views

CVE-2026-22603 OpenProject has no protection against brute-force attacks in the Change Password function

OpenProject is an open-source, web-based project management software. Prior to version 16.6.2, OpenProject’s unauthenticated password-change endpoint /account/changepassword was not protected by the same brute-force safeguards that apply to the normal login form. In affected versions, an attacker...

6.9CVSS6.7AI score0.0022EPSS
Exploits0References4
CVE
CVE
added 2026/01/10 1:6 a.m.14 views

CVE-2026-22603

CVE-2026-22603 affects OpenProject before version 16.6.2. The vulnerability is due to an unauthenticated password-change endpoint (/account/change_password) that lacked the same brute-force protections as the login form. An attacker who can guess or enumerate user IDs can send unlimited password-...

6.9CVSS6.7AI score0.0022EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder