Lucene search
K

7565 matches found

Nuclei
Nuclei
added 9 hours ago15 views

NocoDB < 0.258.0 - Reflected XSS in Password Reset

NocoDB versions before 0.258.0 contain a reflected cross-site scripting caused by insecure use of '\u003C%-' in resetPassword.ts, letting attackers execute malicious scripts in victims' browsers, exploit requires sending crafted requests to /api/v1/db/auth/password/reset/:tokenId. id:...

6.1CVSS6.1AI score0.00683EPSS
Exploits1References3
Nuclei
Nuclei
added 9 hours ago13 views

LiquidFiles < 4.2 - User Enumeration via Password Reset

LiquidFiles filetransfer server before 4.2 contains a user enumeration vulnerability caused by distinguishable responses in password reset functionality, letting unauthenticated attackers enumerate valid user accounts, exploit requires no authentication. id: CVE-2025-56132 info: name: LiquidFiles...

7.3CVSS6.1AI score0.00648EPSS
Exploits1References2
Nuclei
Nuclei
added 9 hours ago14 views

Piwigo - User Enumeration via Password Reset

Piwigo is an open source photo gallery application for the web. In version 15.5.0 and likely earlier 15.x releases, the password reset functionality in Piwigo allows an unauthenticated attacker to determine whether a given username or email address exists in the system. The endpoint at...

6.9CVSS6.1AI score0.00766EPSS
Exploits1References1
Nuclei
Nuclei
added 9 hours ago10 views

LG LED Assistant - Unauthenticated Password Reset

The /api/changePw endpoint in LG LED Assistant allows unauthenticated password resets when requests are considered to come from localhost. An attacker can spoof the X-Forwarded-For header with value 127.0.0.1 to trigger the behavior and receive a success response. id: CVE-2024-2862 info: name: LG...

9.8CVSS6.1AI score0.51001EPSS
Exploits0References3
Nuclei
Nuclei
added 9 hours ago16 views

Profile Builder < 3.4.9 - Improper Authentication

The Profile Builder plugin before 3.4.9 for WordPress allows unauthenticated attackers to gain administrative access by exploiting an improper authentication vulnerability in the password reset functionality. An attacker can reset the password of any user, including administrators, without proper...

10CVSS7AI score0.07696EPSS
Exploits2References2
Nuclei
Nuclei
added 9 hours ago18 views

WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation

Privilege escalation vulnerability exists in the Frontend Login and Registration Blocks plugin for WordPress versions = 1.0.7. An unauthenticated attacker can exploit the AJAX endpoint flrblocksusersettingshandleajaxcallback to change the administrator's email address. Subsequently, the attacker...

9.8CVSS7AI score0.06441EPSS
Exploits4References5
Nuclei
Nuclei
added 9 hours ago16 views

Hippoo Mobile App for WooCommerce <= 1.9.4 - Authentication Bypass to Admin Account Takeover

Hippoo Mobile App for WooCommerce WordPress plugin = 1.9.4 contains an authentication bypass caused by logic conflation in user permission checks, letting unauthenticated attackers take over administrator accounts via REST API password reset. id: CVE-2026-10580 info: name: Hippoo Mobile App for...

9.8CVSS6.1AI score0.02841EPSS
Exploits1References2
Nuclei
Nuclei
added 9 hours ago44 views

iTop - User Enumeration via REST Endpoint

From the webservices/rest.php file, several operations are accessible from an unauthenticated user. One of them is doresetpwd, allowing to reset a user password. This feature can be abused to perform user enumeration when a non-existent user is provided. id: CVE-2024-51739 info: name: iTop - User...

7.5CVSS7AI score0.01259EPSS
Exploits0References3
Nuclei
Nuclei
added 9 hours ago11 views

BMC FootPrints - Authentication Bypass

BMC FootPrints versions 20.20.02 through 20.24.01.001 contain an authentication bypass vulnerability in the password reset functionality. Unauthenticated attackers can access the /footprints/servicedesk/passwordreset/request/ endpoint to obtain a valid SECTOKEN session cookie without proper...

9.1CVSS6.2AI score0.3436EPSS
Exploits4References2
Positive Technologies
Positive Technologies
added 2 days ago10 views

PT-2026-57416

Name of the Vulnerable Software and Affected Versions The Essential Addons for Elementor versions prior to 6.6.11 Description Insufficient server-side validation of a Login/Register widget setting allows authenticated attackers with Contributor-level access or higher to perform Email Header...

8.8CVSS6.1AI score0.00367EPSS
Exploits0References12
The Hacker News
The Hacker News
added 3 days ago9 views

Laser Attack Resets Tangem Wallet Passwords on Cards That Can't Be Patched

Researchers at Ledger's Donjon security team have shown that a precisely timed laser pulse, aimed at the chip inside a Tangem crypto wallet card, can reset the card's password to anything the attacker picks. No old password. No backup card. Once it is reset, whoever did it controls the wallet and...

6.1AI score
Exploits0
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-42882

Capgo before 12.128.2 contains an authentication bypass vulnerability in the password change endpoint that allows attackers to change user passwords without requiring current password confirmation. Attackers with temporary session access can exploit this flaw to permanently lock out legitimate...

8.7CVSS6.1AI score0.00357EPSS
Exploits0References2
NVD
NVD
added 4 days ago4 views

CVE-2026-55207

Pimcore is an Open Source Data & Experience Management Platform. Prior to 2025.4.6 and 2026.1.6, an unauthenticated attacker who knows a valid admin username can take over any Pimcore admin account by sending a password reset request with an attacker-controlled resetPasswordUrl. The server...

8.8CVSS0.0035EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 4 days ago6 views

CVE-2026-55207

Pimcore is an Open Source Data & Experience Management Platform. Prior to 2025.4.6 and 2026.1.6, an unauthenticated attacker who knows a valid admin username can take over any Pimcore admin account by sending a password reset request with an attacker-controlled resetPasswordUrl. The server...

8.8CVSS6AI score0.0035EPSS
Exploits0References6Affected Software1
CVE
CVE
added 4 days ago7 views

CVE-2026-55207

CVE-2026-55207 affects Pimcore: an unauthenticated attacker who knows a valid admin username can hijack an admin account by abusing a malicious resetPasswordUrl in a password reset request. The server generates a real cryptographic recovery token, appends it to the attacker-controlled URL, emails...

8.8CVSS6AI score0.0035EPSS
Exploits0References5
Cvelist
Cvelist
added 4 days ago31 views

CVE-2026-55207 Pimcore: Account Takeover via Password Reset URL Injection allows unauthenticated attacker to hijack any admin account with 2FA bypass

Pimcore is an Open Source Data & Experience Management Platform. Prior to 2025.4.6 and 2026.1.6, an unauthenticated attacker who knows a valid admin username can take over any Pimcore admin account by sending a password reset request with an attacker-controlled resetPasswordUrl. The server...

8.8CVSS0.0035EPSS
Exploits0References5
NVD
NVD
added 4 days ago4 views

CVE-2026-14245

The miniOrange OTP Login, Verification and SMS Notifications plugin for WordPress is vulnerable to Authentication Bypass leading to Administrator Account Takeover in all versions up to, and including, 5.5.1. This is due to the umresetpasswordprocesshook function performing no server-side...

9.8CVSS0.00586EPSS
Exploits0References10
CVE
CVE
added 4 days ago20 views

CVE-2026-14245

The CVE-2026-14245 entry concerns the miniOrange OTP Login, Verification and SMS Notifications plugin for WordPress (versions up to and including 5.5.1). The root cause is that um_reset_password_process_hook() performs no server-side verification of OTP completion and relies on a public form_nonc...

9.8CVSS6AI score0.00586EPSS
Exploits0References10
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42543

The miniOrange OTP Login, Verification and SMS Notifications plugin for WordPress is vulnerable to Authentication Bypass leading to Administrator Account Takeover in all versions up to, and including, 5.5.1. This is due to the umresetpasswordprocesshook function performing no server-side...

9.8CVSS6AI score0.00586EPSS
Exploits0References10
Cvelist
Cvelist
added 4 days ago33 views

CVE-2026-14245 miniOrange OTP Login, Verification and SMS Notifications <= 5.5.1 - Authentication Bypass to Administrator Account Takeover via 'username_b' Parameter

The miniOrange OTP Login, Verification and SMS Notifications plugin for WordPress is vulnerable to Authentication Bypass leading to Administrator Account Takeover in all versions up to, and including, 5.5.1. This is due to the umresetpasswordprocesshook function performing no server-side...

9.8CVSS0.00586EPSS
Exploits0References10
Rows per page
Query Builder