Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/01/01 10:28 p.m.9 views

CVE-2025-15398

A security vulnerability has been detected in Uasoft badaso up to 2.9.7. Affected is the function forgetPassword of the file src/Controllers/BadasoAuthController.php of the component Token Handler. Such manipulation leads to weak password recovery. The attack can be executed remotely. This attack...

6.3CVSS4.6AI score0.00484EPSS
Exploits1References1
NVD
NVD
added 2025/12/31 10:15 p.m.2 views

CVE-2025-15398

A security vulnerability has been detected in Uasoft badaso up to 2.9.7. Affected is the function forgetPassword of the file src/Controllers/BadasoAuthController.php of the component Token Handler. Such manipulation leads to weak password recovery. The attack can be executed remotely. This attack...

8.1CVSS0.00484EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/12/31 10:2 p.m.28 views

CVE-2025-15398 Uasoft badaso Token BadasoAuthController.php forgetPassword password recovery

A security vulnerability has been detected in Uasoft badaso up to 2.9.7. Affected is the function forgetPassword of the file src/Controllers/BadasoAuthController.php of the component Token Handler. Such manipulation leads to weak password recovery. The attack can be executed remotely. This attack...

6.3CVSS0.00484EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/12/31 10:2 p.m.3 views

CVE-2025-15398 Uasoft badaso Token BadasoAuthController.php forgetPassword password recovery

A security vulnerability has been detected in Uasoft badaso up to 2.9.7. Affected is the function forgetPassword of the file src/Controllers/BadasoAuthController.php of the component Token Handler. Such manipulation leads to weak password recovery. The attack can be executed remotely. This attack...

6.3CVSS6.3AI score0.00484EPSS
Exploits1References5
CVE
CVE
added 2025/12/31 10:2 p.m.21 views

CVE-2025-15398

Uasoft Badaso up to version 2.9.7 has a weakness in the forgetPassword path of the Token Handler (src/Controllers/BadasoAuthController.php). The vulnerability, described as a remote‑executable weakness in password recovery, arises from the forgetPassword function and is characterized by high atta...

8.1CVSS6.3AI score0.00484EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/31 12:0 a.m.10 views

PT-2025-54460

Name of the Vulnerable Software and Affected Versions Uasoft badaso versions up to 2.9.7 Description A security issue exists in Uasoft badaso up to version 2.9.7 related to weak password recovery. The forgetPassword function within the src/Controllers/BadasoAuthController.php file of the Token...

6.3CVSS6AI score0.00484EPSS
Exploits1References10
Rows per page
Query Builder