13 matches found
CVE-2025-59786 Cookies are not Invalidated upon Logout and Password Change
2N Access Commander version 3.4.2 and prior improperly invalidates session tokens, allowing multiple session cookies to remain active after logout in web application...
📄 Casdoor 2.283.0 Cross Site Request Forgery
Casdoor version 2.283.0 suffers from a cross site request forgery vulnerability. Related CVE number: CVE-2023-34927. Exploit Title: Casdoor v2.283.0 2026-02-02 - Cross-Site Request Forgery CSRF Application: Casdoor Version: v2.283.0 Date: 03/02/2026 Exploit Author: Van Lam Nguyen Facebook:...
EUVD-2021-12797
Malware in sbrugna...
EUVD-2001-0963
Malware in sbrugna...
EUVD-2018-7757
Malware in sbrugna...
EUVD-2013-4339
Malware in sbrugna...
EUVD-2023-54087
Malicious code in bioql PyPI...
CVE-2025-55629
Insecure permissions in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.46622503122283 allow attackers to arbitrarily change other users' passwords via manipulation of the userName value...
CVE-2025-3272 Incorrect user authorization vulnerability has been identified in Open Text Operations Bridge Manager.
Incorrect Authorization vulnerability in OpenText™ Operations Bridge Manager. The vulnerability could allow authenticated users to change their password without providing their old password. This issue affects Operations Bridge Manager: 24.2, 24.4...
CVE-2022-2031
...
CVE-2024-22454
Dell PowerProtect Data Manager, version 19.15 and prior versions, contain a weak password recovery mechanism for forgotten passwords. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to unauthorized access to the application with privileges of the compromise...
PT-2023-29233 · Unknown · Uptime Kuma
Name of the Vulnerable Software and Affected Versions: Uptime Kuma versions prior to 1.23.3 Description: The issue allows attackers with access to a user's device to gain persistent account access due to missing verification of Session Tokens after password changes and/or elapsed inactivity...
Multiple Buffalo routers vulnerable to cross-site request forgery
Overview Multiple routers provided by Buffalo contain a cross-site request forgery vulnerability. Multiple routers provided by Buffalo have a management screen that allows users to modify settings. These routers contain a cross-site request forgery vulnerability due to an issue in the management...