Lucene search
K

22 matches found

Nuclei
Nuclei
added 19 hours ago67 views

Zitadel - User Registration Bypass

The open-source identity infrastructure software Zitadel allows administrators to disable the user self-registration. Due to a missing security check in versions prior to 2.64.0, 2.63.5, 2.62.7, 2.61.4, 2.60.4, 2.59.5, and 2.58.7, disabling the "User Registration allowed" option only hid the...

7.5CVSS7.1AI score0.02572EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-3093

Malware in sbrugna...

9.8CVSS9.2AI score0.0118EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-44063

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00712EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-33417

Malicious code in bioql PyPI...

5.3CVSS8.7AI score0.00563EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 1:11 a.m.6 views

CVE-2016-20005

The REST/JSON project 7.x-1.x for Drupal allows user registration bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy...

9.8CVSS7.1AI score0.0118EPSS
Exploits0References1
CVE
CVE
added 2025/02/19 10:18 p.m.314 views

CVE-2025-24989

CVE-2025-24989 is an elevation of privilege vulnerability in Microsoft Power Pages caused by improper access control. Public sources in the provided documents consistently describe it as allowing an unauthorized networked attacker to bypass the user registration control and escalate privileges. R...

9.8CVSS8.3AI score0.01659EPSS
In wildExploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/14 11:34 a.m.12 views

CVE-2024-27138

UNSUPPORTED WHEN ASSIGNED Incorrect Authorization vulnerability in Apache Archiva. Apache Archiva has a setting to disable user registration, however this restriction can be bypassed. As Apache Archiva has been retired, we do not expect to release a version of Apache Archiva that fixes this issue...

7.5CVSS6.6AI score0.01192EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/21 6:49 a.m.13 views

CVE-2024-10393 Tutor LMS <= 2.7.6 - User Registration Setting Bypass to Unauthorized User Registration

The Tutor LMS plugin for WordPress is vulnerable to bypass to user registration in versions up to, and including, 2.7.6. This is due to a missing check for the 'userscanregister' option in the 'registerinstructor' function. This makes it possible for unauthenticated attackers to register as the...

5.3CVSS6.8AI score0.00563EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2024/10/25 7:30 p.m.14 views

User Registration Bypass in Zitadel

Impact Zitadel allows administrators to disable the user self-registration. Due to a missing security check in versions prior to 2.63.4, disabling the "User Registration allowed" option only hid the registration button on the login page. Users could bypass this restriction by directly accessing t...

7.5CVSS6.7AI score0.02572EPSS
Exploits0References10Affected Software1
OSV
OSV
added 2024/10/25 2:22 p.m.6 views

CVE-2024-49757 Zitadel User Registration Bypass Vulnerability

The open-source identity infrastructure software Zitadel allows administrators to disable the user self-registration. Due to a missing security check in versions prior to 2.64.0, 2.63.5, 2.62.7, 2.61.4, 2.60.4, 2.59.5, and 2.58.7, disabling the "User Registration allowed" option only hid the...

7.5CVSS7.6AI score0.02572EPSS
Exploits0References10
CVE
CVE
added 2024/05/10 8:32 a.m.51 views

CVE-2024-4444

CVE-2024-4444 affects the LearnPress – WordPress LMS Plugin for WordPress. The vulnerability is in LearnPress versions up to 4.2.6.5 and is caused by missing checks in the checkout’s create_account function, enabling unauthenticated attackers to register as the site’s default role even when regis...

6.5CVSS6.7AI score0.00712EPSS
Exploits1References4Affected Software1
Patchstack
Patchstack
added 2024/05/10 2:12 a.m.6 views

WordPress LearnPress plugin <= 4.2.6.5 - Unauthenticated Bypass to User Registration vulnerability

Unauthenticated Bypass to User Registration vulnerability discovered by 1337Wannabe in WordPress Plugin LearnPress versions = 4.2.6.5...

6.5CVSS7AI score0.00712EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2024/03/01 3:41 p.m.95 views

CVE-2024-27138

CVE-2024-27138 concerns an Incorrect Authorization vulnerability in Apache Archiva. The affected software is Apache Archiva (retired/no longer maintained). The issue arises from a configuration that disables user registration, which can be bypassed, allowing unauthorized users to register or acce...

7.5CVSS7.4AI score0.01192EPSS
Exploits0References2Affected Software1
GithubExploit
GithubExploit
added 2023/06/19 11:56 p.m.340 views

Exploit for Special Element Injection in Rocket.Chat

CVE-2021-22911 If you have already registered...

9.8CVSS9.5AI score0.95242EPSS
Exploits16
NVD
NVD
added 2021/01/01 1:15 a.m.16 views

CVE-2016-20005

The REST/JSON project 7.x-1.x for Drupal allows user registration bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy...

9.8CVSS9.6AI score0.0118EPSS
Exploits0References1
CVE
CVE
added 2020/12/31 11:26 p.m.84 views

CVE-2016-20005

CVE-2016-20005 affects the Drupal REST/JSON project for Drupal 7, version 7.x-1.x, where a user registration bypass is possible. The provided documents identify this as SA-CONTRIB-2016-033, but do not give a detailed root cause or the exact vulnerable code paths. There is no explicit exploitation...

9.8CVSS9.4AI score0.0118EPSS
Exploits0References1Affected Software1
Drupal
Drupal
added 2016/06/08 12:0 a.m.14 views

REST JSON - Multiple Vulnerabilities - Highly Critical - Unsupported - SA-CONTRIB-2016-033

This module enables you to expose content, users and comments via a JSON API. The module contains multiple vulnerabilities including Node access bypass Comment access bypass User enumeration Field access bypass User registration bypass Blocked user login Session name guessing Session enumeration...

7.3AI score
Exploits0References10
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.36 views

alitalk 1.9.1.1 - Multiple Vulnerabilities

No description provided by source. ALITALK v 1.9.1.1 Multiple Vulnerabilities author : tomplixsee google dork : POWERED BY ALITALK download : http://www.alilg.com/software/free-php-ajax-chat/ SQL INJECTION you need to login in order to exploit this vulnerability vulnerable code on...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2008/01/17 12:0 a.m.22 views

alitalk-multi.txt

ALITALK v 1.9.1.1 Multiple Vulnerabilities author : tomplixsee google dork : POWERED BY ALITALK download : http://www.alilg.com/software/free-php-ajax-chat/ SQL INJECTION you need to login in order to exploit this vulnerability vulnerable code on inc/receivertwo.php "; echo" r%dtr...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2008/01/16 12:0 a.m.13 views

alitalk 1.9.1.1 - Multiple Vulnerabilities

alitalk 1.9.1.1 - Multiple Vulnerabilities ALITALK v 1.9.1.1 Multiple Vulnerabilities author : tomplixsee google dork : POWERED BY ALITALK download : http://www.alilg.com/software/free-php-ajax-chat/ SQL INJECTION you need to login in order to exploit this vulnerability vulnerable code on...

0.3AI score
Exploits0
Rows per page
Query Builder