Lucene search
K

165 matches found

Cvelist
Cvelist
added 2025/06/16 12:0 a.m.18 views

CVE-2025-6097 UTT 进取 750W Administrator Password setSysAdm formDefineManagement unverified password change

A vulnerability was found in UTT 进取 750W up to 5.0 and classified as critical. Affected by this issue is the function formDefineManagement of the file /goform/setSysAdm of the component Administrator Password Handler. The manipulation of the argument passwd1 leads to unverified password change. T...

6.9CVSS0.00577EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/23 10:13 a.m.8 views

CVE-2024-3690

A vulnerability classified as critical was found in PHPGurukul Small CRM 3.0. Affected by this vulnerability is an unknown functionality of the component Change Password Handler. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the...

8.8CVSS7.5AI score0.01284EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 9:25 a.m.10 views

CVE-2024-6183

A vulnerability classified as problematic has been found in EZ-Suite EZ-Partner 5. Affected is an unknown function of the component Forgot Password Handler. The manipulation leads to basic cross site scripting. It is possible to launch the attack remotely. VDB-269154 is the identifier assigned to...

6.9CVSS6.2AI score0.00415EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:15 a.m.3 views

CVE-2024-9040

A vulnerability, which was classified as problematic, was found in code-projects Blood Bank Management System 1.0. This affects an unknown part of the component Password Handler. The manipulation leads to cleartext storage in a file or on disk. An attack has to be approached locally...

5.5CVSS6.3AI score0.00153EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:39 a.m.5 views

CVE-2023-0674

A vulnerability, which was classified as problematic, has been found in XXL-JOB 2.3.1. Affected by this issue is some unknown functionality of the file /user/updatePwd of the component New Password Handler. The manipulation leads to cross-site request forgery. The attack may be launched remotely...

6.5CVSS4.6AI score0.00387EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:18 a.m.6 views

CVE-2023-4183

A vulnerability has been found in SourceCodester Inventory Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file editupdate.php of the component Password Handler. The manipulation of the argument userid leads to improper access controls. The atta...

9.8CVSS7.2AI score0.00431EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 2:33 a.m.8 views

CVE-2023-1949

A vulnerability, which was classified as critical, was found in PHPGurukul BP Monitoring Management System 1.0. Affected is an unknown function of the file change-password.php of the component Change Password Handler. The manipulation of the argument password leads to sql injection. It is possibl...

9.8CVSS7.6AI score0.00708EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:16 a.m.9 views

CVE-2023-3760

A vulnerability has been found in Intergard SGS 8.7.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Change Password Handler. The manipulation leads to denial of service. The attack can be launched remotely. The exploit has been disclose...

6.5CVSS6.8AI score0.00847EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/13 9:51 a.m.6 views

CVE-2025-4537

A vulnerability was found in yangzongzhuan RuoYi-Vue up to 3.8.9 and classified as problematic. Affected by this issue is some unknown functionality of the file ruoyi-ui/jsencrypt.js and ruoyi-ui/login.vue of the component Password Handler. The manipulation leads to cleartext storage of sensitive...

3.1CVSS6.4AI score0.00245EPSS
Exploits0References1
OSV
OSV
added 2025/05/11 10:15 a.m.4 views

CVE-2025-4537

A vulnerability was found in yangzongzhuan RuoYi-Vue up to 3.8.9 and classified as problematic. Affected by this issue is some unknown functionality of the file ruoyi-ui/jsencrypt.js and ruoyi-ui/login.vue of the component Password Handler. The manipulation leads to cleartext storage of sensitive...

2.3CVSS4.2AI score0.00245EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/05/11 9:31 a.m.36 views

CVE-2025-4537 yangzongzhuan RuoYi-Vue Password login.vue sensitive information in a cookie

A vulnerability was found in yangzongzhuan RuoYi-Vue up to 3.8.9 and classified as problematic. Affected by this issue is some unknown functionality of the file ruoyi-ui/jsencrypt.js and ruoyi-ui/login.vue of the component Password Handler. The manipulation leads to cleartext storage of sensitive...

3.1CVSS0.00245EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/05/11 12:0 a.m.6 views

PT-2025-20659 · Yangzongzhuan · Ruoyi-Vue

Name of the Vulnerable Software and Affected Versions: RuoYi-Vue versions up to 3.8.9 Description: A problem was found in the Password Handler component, affecting some unknown functionality of the files ruoyi-ui/jsencrypt.js and ruoyi-ui/login.vue. This issue leads to cleartext storage of...

3.1CVSS3.5AI score0.00245EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2025/05/01 7:7 p.m.12 views

CVE-2025-4076

A vulnerability classified as critical has been found in LB-LINK BL-AC3600 up to 1.0.22. This affects the function easyucisetoptionstring0 of the file /cgi-bin/lighttpd.cgi of the component Password Handler. The manipulation of the argument routepwd leads to command injection. It is possible to...

6.5CVSS7.4AI score0.01921EPSS
Exploits0References1
NVD
NVD
added 2025/04/29 6:15 p.m.21 views

CVE-2025-4076

A vulnerability classified as critical has been found in LB-LINK BL-AC3600 up to 1.0.22. This affects the function easyucisetoptionstring0 of the file /cgi-bin/lighttpd.cgi of the component Password Handler. The manipulation of the argument routepwd leads to command injection. It is possible to...

6.5CVSS0.01921EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/04/29 6:0 p.m.21 views

CVE-2025-4076 LB-LINK BL-AC3600 Password lighttpd.cgi easy_uci_set_option_string_0 command injection

A vulnerability classified as critical has been found in LB-LINK BL-AC3600 up to 1.0.22. This affects the function easyucisetoptionstring0 of the file /cgi-bin/lighttpd.cgi of the component Password Handler. The manipulation of the argument routepwd leads to command injection. It is possible to...

6.5CVSS0.01921EPSS
Exploits0References5
CVE
CVE
added 2025/04/29 6:0 p.m.66 views

CVE-2025-4076

CVE-2025-4076 affects LB-LINK BL-AC3600, версии до 1.0.22. Affected component: Password Handler, function easy_uci_set_option_string_0 in /cgi-bin/lighttpd.cgi. The routepwd parameter can be manipulated to trigger command injection, with remote exploitation possible. Public exploit disclosure not...

6.5CVSS6.9AI score0.01921EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/04/29 12:0 a.m.7 views

PT-2025-18200 · Lb Link · Lb-Link Bl-Ac3600

Name of the Vulnerable Software and Affected Versions: LB-LINK BL-AC3600 versions up to 1.0.22 Description: A critical issue has been discovered, affecting the Password Handler component. Specifically, it impacts the easy uci set option string 0 function within the /cgi-bin/lighttpd.cgi file. The...

6.5CVSS6.3AI score0.01921EPSS
Exploits0References11
NVD
NVD
added 2025/04/17 7:16 p.m.15 views

CVE-2025-3763

A vulnerability classified as critical has been found in SourceCodester Phone Management System 1.0. This affects the function main of the component Password Handler. The manipulation of the argument s leads to buffer overflow. Local access is required to approach this attack. The exploit has bee...

7.8CVSS0.00288EPSS
Exploits1References5
OSV
OSV
added 2025/04/17 7:16 p.m.6 views

CVE-2025-3763

A vulnerability classified as critical has been found in SourceCodester Phone Management System 1.0. This affects the function main of the component Password Handler. The manipulation of the argument s leads to buffer overflow. Local access is required to approach this attack. The exploit has bee...

7.8CVSS5.8AI score0.00288EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/04/17 6:31 p.m.34 views

CVE-2025-3763 SourceCodester Phone Management System Password main buffer overflow

A vulnerability classified as critical has been found in SourceCodester Phone Management System 1.0. This affects the function main of the component Password Handler. The manipulation of the argument s leads to buffer overflow. Local access is required to approach this attack. The exploit has bee...

5.3CVSS0.00288EPSS
Exploits1References5
Rows per page
Query Builder