Lucene search
K

6 matches found

Github Security Blog
Github Security Blog
added 2025/09/02 3:31 p.m.11 views

Silverpeas Core Username Enumeration Vulnerability

A User enumeration vulnerability in the /CredentialsServlet/ForgotPassword endpoint in Silverpeas 6.4.1 and 6.4.2 allows remote attackers to determine valid usernames via the Login parameter...

6.5CVSS7AI score0.00331EPSS
Exploits3References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/09/02 12:0 a.m.5 views

PT-2025-35568

Name of the Vulnerable Software and Affected Versions: Silverpeas versions 6.4.1 through 6.4.2 Description: A user enumeration issue exists in the /CredentialsServlet/ForgotPassword endpoint. This allows remote attackers to determine valid usernames via the Login parameter. Recommendations:...

6.5CVSS6.3AI score0.00331EPSS
Exploits3References7
CVE
CVE
added 2025/09/02 12:0 a.m.19 views

CVE-2025-46047

CVE-2025-46047 affects Silverpeas versions 6.4.1 and 6.4.2. A user enumeration vulnerability exists in the /CredentialsServlet/ForgotPassword endpoint, where an attacker can determine valid usernames by the Login parameter. Root cause is exposed through a Forgot Password flow that reveals usernam...

6.5CVSS6.5AI score0.00331EPSS
Exploits3References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 6:56 a.m.7 views

CVE-2024-48814

SQL Injection vulnerability in Silverpeas 6.4.1 allows a remote attacker to obtain sensitive information via the ViewType parameter of the findbywhereclause function...

7.5CVSS7.6AI score0.00532EPSS
Exploits1References1
NVD
NVD
added 2025/01/03 3:15 p.m.16 views

CVE-2024-48814

SQL Injection vulnerability in Silverpeas 6.4.1 allows a remote attacker to obtain sensitive information via the ViewType parameter of the findbywhereclause function...

7.5CVSS0.00532EPSS
Exploits1References3
OSV
OSV
added 2025/01/03 12:0 a.m.4 views

CVE-2024-48814

SQL Injection vulnerability in Silverpeas 6.4.1 allows a remote attacker to obtain sensitive information via the ViewType parameter of the findbywhereclause function...

7.5CVSS7.8AI score0.00532EPSS
Exploits1References5
Rows per page
Query Builder