CVE-2024-3690

A vulnerability classified as critical was found in PHPGurukul Small CRM 3.0. Affected by this vulnerability is an unknown functionality of the component Change Password Handler. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the...

CVE-2024-6183

A vulnerability classified as problematic has been found in EZ-Suite EZ-Partner 5. Affected is an unknown function of the component Forgot Password Handler. The manipulation leads to basic cross site scripting. It is possible to launch the attack remotely. VDB-269154 is the identifier assigned to...

CVE-2024-9040

A vulnerability, which was classified as problematic, was found in code-projects Blood Bank Management System 1.0. This affects an unknown part of the component Password Handler. The manipulation leads to cleartext storage in a file or on disk. An attack has to be approached locally...

CVE-2023-0674

A vulnerability, which was classified as problematic, has been found in XXL-JOB 2.3.1. Affected by this issue is some unknown functionality of the file /user/updatePwd of the component New Password Handler. The manipulation leads to cross-site request forgery. The attack may be launched remotely...

CVE-2023-4183

A vulnerability has been found in SourceCodester Inventory Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file editupdate.php of the component Password Handler. The manipulation of the argument userid leads to improper access controls. The atta...

CVE-2023-1949

A vulnerability, which was classified as critical, was found in PHPGurukul BP Monitoring Management System 1.0. Affected is an unknown function of the file change-password.php of the component Change Password Handler. The manipulation of the argument password leads to sql injection. It is possibl...

CVE-2023-3760

A vulnerability has been found in Intergard SGS 8.7.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Change Password Handler. The manipulation leads to denial of service. The attack can be launched remotely. The exploit has been disclose...

CVE-2025-4537

A vulnerability was found in yangzongzhuan RuoYi-Vue up to 3.8.9 and classified as problematic. Affected by this issue is some unknown functionality of the file ruoyi-ui/jsencrypt.js and ruoyi-ui/login.vue of the component Password Handler. The manipulation leads to cleartext storage of sensitive...

CVE-2025-4537

A vulnerability was found in yangzongzhuan RuoYi-Vue up to 3.8.9 and classified as problematic. Affected by this issue is some unknown functionality of the file ruoyi-ui/jsencrypt.js and ruoyi-ui/login.vue of the component Password Handler. The manipulation leads to cleartext storage of sensitive...

CVE-2025-4537 yangzongzhuan RuoYi-Vue Password login.vue sensitive information in a cookie

A vulnerability was found in yangzongzhuan RuoYi-Vue up to 3.8.9 and classified as problematic. Affected by this issue is some unknown functionality of the file ruoyi-ui/jsencrypt.js and ruoyi-ui/login.vue of the component Password Handler. The manipulation leads to cleartext storage of sensitive...

PT-2025-20659 · Yangzongzhuan · Ruoyi-Vue

Name of the Vulnerable Software and Affected Versions: RuoYi-Vue versions up to 3.8.9 Description: A problem was found in the Password Handler component, affecting some unknown functionality of the files ruoyi-ui/jsencrypt.js and ruoyi-ui/login.vue. This issue leads to cleartext storage of...

CVE-2025-4076

A vulnerability classified as critical has been found in LB-LINK BL-AC3600 up to 1.0.22. This affects the function easyucisetoptionstring0 of the file /cgi-bin/lighttpd.cgi of the component Password Handler. The manipulation of the argument routepwd leads to command injection. It is possible to...

CVE-2025-4076

A vulnerability classified as critical has been found in LB-LINK BL-AC3600 up to 1.0.22. This affects the function easyucisetoptionstring0 of the file /cgi-bin/lighttpd.cgi of the component Password Handler. The manipulation of the argument routepwd leads to command injection. It is possible to...

CVE-2025-4076

CVE-2025-4076 affects LB-LINK BL-AC3600, версии до 1.0.22. Affected component: Password Handler, function easy_uci_set_option_string_0 in /cgi-bin/lighttpd.cgi. The routepwd parameter can be manipulated to trigger command injection, with remote exploitation possible. Public exploit disclosure not...

CVE-2025-4076 LB-LINK BL-AC3600 Password lighttpd.cgi easy_uci_set_option_string_0 command injection

A vulnerability classified as critical has been found in LB-LINK BL-AC3600 up to 1.0.22. This affects the function easyucisetoptionstring0 of the file /cgi-bin/lighttpd.cgi of the component Password Handler. The manipulation of the argument routepwd leads to command injection. It is possible to...

PT-2025-18200 · Lb Link · Lb-Link Bl-Ac3600

Name of the Vulnerable Software and Affected Versions: LB-LINK BL-AC3600 versions up to 1.0.22 Description: A critical issue has been discovered, affecting the Password Handler component. Specifically, it impacts the easy uci set option string 0 function within the /cgi-bin/lighttpd.cgi file. The...

CVE-2025-3763

A vulnerability classified as critical has been found in SourceCodester Phone Management System 1.0. This affects the function main of the component Password Handler. The manipulation of the argument s leads to buffer overflow. Local access is required to approach this attack. The exploit has bee...

CVE-2025-3763

A vulnerability classified as critical has been found in SourceCodester Phone Management System 1.0. This affects the function main of the component Password Handler. The manipulation of the argument s leads to buffer overflow. Local access is required to approach this attack. The exploit has bee...

CVE-2025-3763 SourceCodester Phone Management System Password main buffer overflow

A vulnerability classified as critical has been found in SourceCodester Phone Management System 1.0. This affects the function main of the component Password Handler. The manipulation of the argument s leads to buffer overflow. Local access is required to approach this attack. The exploit has bee...

CVE-2025-3763

CVE-2025-3763 affects SourceCodester Phone Management System 1.0, specifically the Password Handler component’s main function. The issue arises from mishandling the argument s, causing a buffer overflow. Local access is required, and the exploit has been disclosed to the public. Some sources note...