Lucene search
+L

2133 matches found

CNNVD
CNNVD
added 2026/05/27 12:0 a.m.13 views

FoxCMS 授权问题漏洞

FoxCMS is a content management system provided by FoxCMS Company in China, available for free commercial use and open source. Versions of FoxCMS 1.2.6 and earlier have a licensing issue vulnerability, which stems from a weak password recovery vulnerability in the Edit function of the Admin.php fi...

5.8CVSS5.8AI score0.00223EPSS
Exploits0References5
NVD
NVD
added 2026/05/25 11:16 p.m.16 views

CVE-2026-45217

Authentication Bypass Using an Alternate Path or Channel vulnerability in ThemeHigh Stripe Payment Gateway for WooCommerce allows Password Recovery Exploitation. This issue affects Stripe Payment Gateway for WooCommerce: from n/a through 5.0.7...

6.5CVSS0.00352EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/25 10:29 p.m.9 views

CVE-2026-45217 WordPress Stripe Payment Gateway for WooCommerce plugin <= 5.0.7 - Broken Authentication vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in ThemeHigh Stripe Payment Gateway for WooCommerce allows Password Recovery Exploitation. This issue affects Stripe Payment Gateway for WooCommerce: from n/a through 5.0.7...

6.5CVSS5.8AI score0.00352EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/25 10:29 p.m.24 views

CVE-2026-45217 WordPress Stripe Payment Gateway for WooCommerce plugin <= 5.0.7 - Broken Authentication vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in ThemeHigh Stripe Payment Gateway for WooCommerce allows Password Recovery Exploitation. This issue affects Stripe Payment Gateway for WooCommerce: from n/a through 5.0.7...

6.5CVSS0.00352EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/25 10:29 p.m.14 views

CVE-2026-45217

Authentication Bypass Using an Alternate Path or Channel vulnerability in ThemeHigh Stripe Payment Gateway for WooCommerce allows Password Recovery Exploitation. This issue affects Stripe Payment Gateway for WooCommerce: from n/a through 5.0.7...

6.5CVSS5.8AI score0.00352EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/25 10:29 p.m.10 views

EUVD-2026-31769

Authentication Bypass Using an Alternate Path or Channel vulnerability in ThemeHigh Stripe Payment Gateway for WooCommerce allows Password Recovery Exploitation. This issue affects Stripe Payment Gateway for WooCommerce: from n/a through 5.0.7...

6.5CVSS5.8AI score0.00352EPSS
Exploits0References1
CVE
CVE
added 2026/05/25 10:29 p.m.35 views

CVE-2026-45217

CVE-2026-45217 concerns the WordPress Stripe Payment Gateway for WooCommerce plugin (≤ 5.0.7). Connected sources describe a Broken Authentication vulnerability allowing an Authentication Bypass via an alternate path or channel, enabling Password Recovery Exploitation. Affected component is the St...

6.5CVSS5.8AI score0.00352EPSS
Exploits0References1
NVD
NVD
added 2026/05/25 4:16 p.m.17 views

CVE-2026-9466

A vulnerability was determined in Tiandy Easy7 Integrated Management Platform 7.17.0. This issue affects some unknown processing of the file /rest/user/updateUserPassword of the component API Endpoint. Executing a manipulation can lead to weak password recovery. The attack can be executed remotel...

6.9CVSS0.00352EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/25 2:30 p.m.14 views

EUVD-2026-31698

A vulnerability was determined in Tiandy Easy7 Integrated Management Platform 7.17.0. This issue affects some unknown processing of the file /rest/user/updateUserPassword of the component API Endpoint. Executing a manipulation can lead to weak password recovery. The attack can be executed remotel...

6.9CVSS5.7AI score0.00352EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/25 2:30 p.m.9 views

CVE-2026-9466

A vulnerability was determined in Tiandy Easy7 Integrated Management Platform 7.17.0. This issue affects some unknown processing of the file /rest/user/updateUserPassword of the component API Endpoint. Executing a manipulation can lead to weak password recovery. The attack can be executed remotel...

6.9CVSS5.4AI score0.00352EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/05/25 2:30 p.m.33 views

CVE-2026-9466 Tiandy Easy7 Integrated Management Platform API Endpoint updateUserPassword password recovery

A vulnerability was determined in Tiandy Easy7 Integrated Management Platform 7.17.0. This issue affects some unknown processing of the file /rest/user/updateUserPassword of the component API Endpoint. Executing a manipulation can lead to weak password recovery. The attack can be executed remotel...

6.9CVSS0.00352EPSS
Exploits0References4
CVE
CVE
added 2026/05/25 2:30 p.m.29 views

CVE-2026-9466

Tiandy Easy7 Integrated Management Platform 7.17.0 contains an API Endpoint vulnerability in /rest/user/updateUserPassword, where input manipulation can lead to weak password recovery. The issue is exploitable remotely and has publicly disclosed exploit activity. No remediation details are provid...

6.9CVSS5.7AI score0.00352EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/25 2:30 p.m.9 views

CVE-2026-9466 Tiandy Easy7 Integrated Management Platform API Endpoint updateUserPassword password recovery

A vulnerability was determined in Tiandy Easy7 Integrated Management Platform 7.17.0. This issue affects some unknown processing of the file /rest/user/updateUserPassword of the component API Endpoint. Executing a manipulation can lead to weak password recovery. The attack can be executed remotel...

6.9CVSS5.7AI score0.00352EPSS
Exploits0References4
OSV
OSV
added 2026/05/25 8:23 a.m.9 views

CLSA-2026-1779697425 postgresql: Fix of CVE-2026-6478

CVE-2026-6478: backport upstream prerequisite that introduces the timingsafebcmp constant-time memory comparison helper, then apply it to SCRAM and MD5 authentication paths that previously used memcmp or strcmp on password hashes, computed keys, and SCRAM nonces, to prevent timing-side-channel...

8.2CVSS5.8AI score0.00558EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.22 views

PT-2026-43080

A vulnerability was determined in Tiandy Easy7 Integrated Management Platform 7.17.0. This issue affects some unknown processing of the file /rest/user/updateUserPassword of the component API Endpoint. Executing a manipulation can lead to weak password recovery. The attack can be executed remotel...

6.9CVSS5.7AI score0.00352EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.16 views

Tiandy Easy7 Integrated Management Platform 授权问题漏洞

Tiandy Easy7 Integrated Management Platform is a video surveillance integrated management platform from Tiandy, China. An authorization issue vulnerability exists in Tiandy Easy7 Integrated Management Platform version 7.17.0, which originates from the handling of the file...

6.9CVSS6AI score0.00352EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.18 views

PT-2026-43147

Name of the Vulnerable Software and Affected Versions Stripe Payment Gateway for WooCommerce versions prior to 5.0.8 Description An authentication bypass using an alternate path or channel exists in the ThemeHigh Stripe Payment Gateway for WooCommerce, which allows for password recovery...

6.5CVSS5.8AI score0.00352EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/20 3:46 p.m.19 views

Weak Password Recovery Mechanism for Forgotten Password

Overview phpmyfaq/phpmyfaq is a FAQ system for PHP and MySQL, PostgreSQL and other databases Affected versions of this package are vulnerable to Weak Password Recovery Mechanism for Forgotten Password via the updatePassword process. An attacker can gain unauthorized access to any user account,...

8.8CVSS5.8AI score0.00324EPSS
Exploits0References4
Snyk
Snyk
added 2026/05/20 3:46 p.m.14 views

Weak Password Recovery Mechanism for Forgotten Password

Overview thorsten/phpmyfaq is a FAQ system for PHP and MySQL, PostgreSQL and other databases Affected versions of this package are vulnerable to Weak Password Recovery Mechanism for Forgotten Password via the updatePassword process. An attacker can gain unauthorized access to any user account,...

8.8CVSS5.8AI score0.00324EPSS
Exploits0References4
Snyk
Snyk
added 2026/05/20 3:45 p.m.12 views

Weak Password Recovery Mechanism for Forgotten Password

Overview thorsten/phpmyfaq is a FAQ system for PHP and MySQL, PostgreSQL and other databases Affected versions of this package are vulnerable to Weak Password Recovery Mechanism for Forgotten Password via the updatePassword function. An attacker can enumerate valid user accounts and forcibly chan...

8.8CVSS5.8AI score0.00241EPSS
Exploits0References2
Rows per page
Query Builder