6 matches found
Silverpeas Core Username Enumeration Vulnerability
A User enumeration vulnerability in the /CredentialsServlet/ForgotPassword endpoint in Silverpeas 6.4.1 and 6.4.2 allows remote attackers to determine valid usernames via the Login parameter...
PT-2025-35568
Name of the Vulnerable Software and Affected Versions: Silverpeas versions 6.4.1 through 6.4.2 Description: A user enumeration issue exists in the /CredentialsServlet/ForgotPassword endpoint. This allows remote attackers to determine valid usernames via the Login parameter. Recommendations:...
CVE-2025-46047
CVE-2025-46047 affects Silverpeas versions 6.4.1 and 6.4.2. A user enumeration vulnerability exists in the /CredentialsServlet/ForgotPassword endpoint, where an attacker can determine valid usernames by the Login parameter. Root cause is exposed through a Forgot Password flow that reveals usernam...
CVE-2024-48814
SQL Injection vulnerability in Silverpeas 6.4.1 allows a remote attacker to obtain sensitive information via the ViewType parameter of the findbywhereclause function...
CVE-2024-48814
SQL Injection vulnerability in Silverpeas 6.4.1 allows a remote attacker to obtain sensitive information via the ViewType parameter of the findbywhereclause function...
CVE-2024-48814
SQL Injection vulnerability in Silverpeas 6.4.1 allows a remote attacker to obtain sensitive information via the ViewType parameter of the findbywhereclause function...