Lucene search
K

204 matches found

NVD
NVD
added 2026/07/06 11:16 p.m.8 views

CVE-2026-53646

FOSSBilling is a free, open-source billing and client management system. In versions 0.5.6 through 0.7.2, when a ClientPasswordReset record already exists for a client from a previous unexpired reset request, subsequent calls to the resetpassword guest API endpoint reuse the existing token instea...

7.7CVSS0.00215EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.11 views

PT-2026-56039

Name of the Vulnerable Software and Affected Versions FOSSBilling versions 0.5.6 through 0.7.2 Description When a ClientPasswordReset record already exists for a client from a previous unexpired request, subsequent calls to the reset password guest API endpoint reuse the existing token instead of...

7.7CVSS6AI score0.00215EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/06/23 8:35 p.m.33 views

CVE-2026-47376 NocoDB: Reflected Cross-Site Scripting via Password Reset Token

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the password-reset page rendered the URL token directly into a JavaScript string literal in a server-rendered EJS template. EJS HTML-entity-encodes a fixed set of characters but does not escape single quotes or...

5.1CVSS0.00262EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.19 views

PT-2026-51627

Name of the Vulnerable Software and Affected Versions Gogs versions prior to 0.14.3 Description Password-reset tokens are generated using the account-activation lifetime conf.Auth.ActivateCodeLives instead of the intended password-reset lifetime conf.Auth.ResetPasswordCodeLives. Because the token...

6.8CVSS5.9AI score0.00202EPSS
Exploits0References10
EUVD
EUVD
added 2026/06/11 6:49 p.m.10 views

EUVD-2026-36292

PenguinMod-BackendApi is the backend api for penguinmod. Prior to version 1.0.0, a NoSQL injection vulnerability in the password reset endpoint allows any authenticated user to change the password of an account, leading to full account takeover. An attacker only needs a registered account and a...

8.7CVSS5.4AI score0.00251EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/18 12:0 a.m.15 views

PT-2026-41793

Name of the Vulnerable Software and Affected Versions Sulu versions prior to 2.6.23 Sulu versions prior to 3.0.6 Description Sulu is an open-source PHP content management system based on the Symfony framework. The generation of API keys and password reset tokens utilizes a weak cryptographical ha...

6.9CVSS5.8AI score0.00193EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/13 8:44 p.m.9 views

EUVD-2026-30172

CubeCart is an ecommerce software solution. Prior to 6.7.2, CubeCart 6.6.x – 6.7.1 builds CCSTOREURL directly from the Host request header at bootstrap, with no allowlist. The constant is embedded verbatim into transactional email links, most critically the password-reset link in...

8.1CVSS5.9AI score0.00147EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/12 8:21 p.m.11 views

CVE-2026-42606

AzuraCast is a self-hosted, all-in-one web radio management suite. Prior to version 0.23.6, the ApplyXForwarded middleware unconditionally trusts the client-supplied X-Forwarded-Host HTTP header with no trusted proxy allowlist. An unauthenticated attacker can poison the password reset URL sent to...

8.8CVSS5.8AI score0.00476EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/09 7:43 p.m.9 views

EUVD-2026-28937

AzuraCast is a self-hosted, all-in-one web radio management suite. Prior to version 0.23.6, the ApplyXForwarded middleware unconditionally trusts the client-supplied X-Forwarded-Host HTTP header with no trusted proxy allowlist. An unauthenticated attacker can poison the password reset URL sent to...

8.1CVSS5.8AI score0.00476EPSS
Exploits1References3
OSV
OSV
added 2026/04/20 3:40 p.m.4 views

CVE-2026-24467 OpenAEV's Improper Password Reset Token Management Leads to Unauthenticated Account Takeover and Platform Compromise

OpenAEV is an open source platform allowing organizations to plan, schedule and conduct cyber adversary simulation campaign and tests. Starting in version 1.0.0 and prior to version 2.0.13, OpenAEV's password reset implementation contains multiple security weaknesses that together allow reliable...

9CVSS6AI score0.009EPSS
Exploits1References6
EUVD
EUVD
added 2026/04/16 3:31 p.m.8 views

EUVD-2026-23231

An issue in the Forgot Password feature of Daylight Studio FuelCMS v1.5.2 allows unauthenticated attackers to obtain the password reset token of a victim user via a crafted link placed in a valid e-mail message...

7.1CVSS5.8AI score0.00263EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/04/16 12:0 a.m.5 views

CVE-2026-30459

An issue in the Forgot Password feature of Daylight Studio FuelCMS v1.5.2 allows unauthenticated attackers to obtain the password reset token of a victim user via a crafted link placed in a valid e-mail message...

5.8AI score0.00263EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/04/16 12:0 a.m.38 views

CVE-2026-30459

An issue in the Forgot Password feature of Daylight Studio FuelCMS v1.5.2 allows unauthenticated attackers to obtain the password reset token of a victim user via a crafted link placed in a valid e-mail message...

0.00263EPSS
Exploits1References2
OSV
OSV
added 2026/04/16 12:0 a.m.2 views

CVE-2026-30459

An issue in the Forgot Password feature of Daylight Studio FuelCMS v1.5.2 allows unauthenticated attackers to obtain the password reset token of a victim user via a crafted link placed in a valid e-mail message...

7.1CVSS6AI score0.00263EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/03/28 11:9 p.m.6 views

CVE-2026-4248

The Ultimate Member plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.11.2. This is due to the 'usermeta:passwordresetlink' template tag being processed within post content via the 'umloggedin' shortcode, which generates a valid password...

8CVSS5.9AI score0.00229EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/28 12:31 a.m.10 views

EUVD-2026-16901

The Ultimate Member plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.11.2. This is due to the 'usermeta:passwordresetlink' template tag being processed within post content via the 'umloggedin' shortcode, which generates a valid password...

8CVSS5.9AI score0.00229EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/27 10:26 p.m.4 views

CVE-2026-4248 Ultimate Member <= 2.11.2 - Authenticated (Contributor+) Sensitive Information Exposure to Account Takeover via Shortcode Template Tag

The Ultimate Member plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.11.2. This is due to the 'usermeta:passwordresetlink' template tag being processed within post content via the 'umloggedin' shortcode, which generates a valid password...

8CVSS5.9AI score0.00229EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/27 10:26 p.m.3 views

CVE-2026-4248

The Ultimate Member plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.11.2. This is due to the 'usermeta:passwordresetlink' template tag being processed within post content via the 'umloggedin' shortcode, which generates a valid password...

8CVSS5.9AI score0.00229EPSS
Exploits0References5
CVE
CVE
added 2026/03/27 10:26 p.m.25 views

CVE-2026-4248

The CVE-2026-4248 entry concerns the Ultimate Member WordPress plugin with a vulnerability in versions up to 2.11.2. The issue arises because the '{usermeta:password_reset_link}' template tag is processed inside post content via the [um_loggedin] shortcode, generating a valid password reset token...

8CVSS5.9AI score0.00229EPSS
Exploits0References4
OSV
OSV
added 2026/03/27 10:26 p.m.3 views

CVE-2026-4248 Ultimate Member <= 2.11.2 - Authenticated (Contributor+) Sensitive Information Exposure to Account Takeover via Shortcode Template Tag

The Ultimate Member plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.11.2. This is due to the 'usermeta:passwordresetlink' template tag being processed within post content via the 'umloggedin' shortcode, which generates a valid password...

8CVSS5.9AI score0.00229EPSS
Exploits0References6
Rows per page
Query Builder