8 matches found

Vulnrichment · added 2026/04/21 1:38 a.m.

CVE-2026-40496 FreeScout has Predictable Attachment Token that Allows Unauthenticated Private File Download via Brute Force

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, attachment download tokens are generated using a weak and predictable formula: md5APPKEY + attachmentid + size. Since attachmentid is sequential and size can be brute-forced in a small range, an unauthenticate...

CVSS 9.3 · AI score 5.7 · EPSS 0.0006
Exploits 1 · References 3
Vulnrichment · added 2025/12/03 1:52 p.m.

CVE-2025-13390 WP Directory Kit <= 1.4.4 - Authentication Bypass to Privilege Escalation via Account Takeover

The WP Directory Kit plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.4.4 due to incorrect implementation of the authentication algorithm in the "wdkgenerateautologinlink" function. This is due to the feature using a cryptographically weak token...

CVSS 10 · AI score 6.1 · EPSS 0.49608
Exploits 3 · References 4
EUVD · added 2025/11/18 12:00 a.m.

EUVD-2025-198034

The openml/openml.org web application version v2.0.20241110 uses predictable MD5-based tokens for critical user workflows such as signup confirmation, password resets, email confirmation resends, and email change confirmation. These tokens are generated by hashing the current timestamp formatted ...

CVSS 7.5 · AI score 6.6 · EPSS 0.01053
Exploits 1 · References 3
Prion · added 2024/02/06 10:16 p.m.

Cross-site request forgery (CSRF)

The cross-site request forgery token in the request may be predictable or easily guessable allowing attackers to craft a malicious request, which could be triggered by a victim unknowingly. In a successful CSRF attack, the attacker could lead the victim user to carry out an action unintentionally...

CVSS 6.8 · AI score 7 · EPSS 0.00071
Exploits 0 · References 1 · Affected Software 1
CNNVD · added 2024/02/06 12:00 a.m.

Westermo Lynx 206-F2G Cross-Site Request Forgery Vulnerability

The Westermo Lynx 206-F2G is a Layer 3 industrial Ethernet switch from Westermo, Sweden, running the Westermo WeOS network operating system. A security vulnerability exists in the Westermo Lynx 206-F2G that stems from its cross-site request forgery tokens being predictable...

CVSS 8.8 · AI score 6.7 · EPSS 0.00071
Exploits 0 · References 2
CNNVD · added 2022/12/27 12:00 a.m.

Golf cross-site request forgery vulnerability

Golf is a fast, simple, and lightweight web framework by the individual developer Peixuan Ding. Golf suffers from a cross-site request forgery vulnerability that stems from an insecurely generated CSRF token. An attacker can exploit this vulnerability to predict CSRF tokens...

CVSS 8.8 · AI score 7.7 · EPSS 0.00199
Exploits 0 · References 5
CNNVD · added 2022/11/15 12:00 a.m.

phpservermon security feature issue vulnerability

phpservermon is a script that checks whether your website and server are up and running. A security vulnerability exists in phpservermon that stems from the generatePasswordResetToken function of its src/psm/Service/User.php component, which causes the random number generator to use a predictable...

CVSS 5.3 · AI score 5.5 · EPSS 0.00252
Exploits 1 · References 5
Positive Technologies · added 2019/05/09 12:00 a.m.

PT-2019-12525 · Matrix +2 · Matrix Sydent +3

Name of the Vulnerable Software and Affected Versions: Matrix Sydent versions prior to 1.0.3; Synapse versions prior to 0.99.3.1. Description: An issue was discovered that makes it easier for attackers to predict a Sydent authentication token or a Synapse random ID due to mishandled random number...

CVSS 9.8 · AI score 7.8 · EPSS 0.00773
Exploits 0 · References 29