Lucene search
K

259 matches found

Nuclei
Nuclei
added yesterday16 views

PSW Front-end Login & Registration 1.13 - Weak Password Recovery

PSW Front-end Login & Registration plugin for WordPress contains a weak password recovery mechanism that can be exploited by unauthenticated attackers. This vulnerability affects versions through 1.13 and allows attackers to potentially gain unauthorized access. id: CVE-2025-47646 info: name: PSW...

9.8CVSS7AI score0.21914EPSS
Exploits3References5
EUVD
EUVD
added 2 days ago8 views

EUVD-2026-43201

A vulnerability was found in H3C NX15 V100R017. Affected by this vulnerability is the function changepasswd of the file /api/login/modify of the component Administrator Password Modification Endpoint. The manipulation of the argument newPass results in weak password recovery. The attack may be...

7.5CVSS5.8AI score0.00278EPSS
Exploits0References5
CVE
CVE
added 2 days ago9 views

CVE-2026-15479

The vulnerability CVE-2026-15479 affects H3C NX15 V100R017. The vulnerable component is the Administrator Password Modification Endpoint, specifically the change_passwd function at /api/login/modify. Manipulating the newPass parameter results in weak password recovery. The issue can be exploited ...

7.5CVSS6.6AI score0.00278EPSS
Exploits0References5
NVD
NVD
added last week10 views

CVE-2026-13020

A Weak Password Recovery Mechanism for Forgotten Password exists in Esri Portal for ArcGIS versions 12.1 and earlier on Windows, Linux and Kubernetes. A remote, unauthorized attacker may assume ownership of a user’s account by manipulating this mechanism. ArcGIS Administrators should configure an...

9.8CVSS0.00234EPSS
Exploits0References1
Cvelist
Cvelist
added last week36 views

CVE-2026-13020 Weak Password Recovery Mechanism in Portal for ArcGIS

A Weak Password Recovery Mechanism for Forgotten Password exists in Esri Portal for ArcGIS versions 12.1 and earlier on Windows, Linux and Kubernetes. A remote, unauthorized attacker may assume ownership of a user’s account by manipulating this mechanism. ArcGIS Administrators should configure an...

8.1CVSS0.00234EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.12 views

PT-2026-56205

Name of the Vulnerable Software and Affected Versions Esri Portal for ArcGIS versions prior to 12.2 Description A weak password recovery mechanism for forgotten passwords allows a remote, unauthorized attacker to assume ownership of a user account by manipulating the recovery process...

9.8CVSS6.1AI score0.00234EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.11 views

CVE-2026-9609

A vulnerability was identified in QianFox FoxCMS up to 1.2.6. This affects the function Edit of the file Admin.php. The manipulation leads to weak password recovery. The attack can be initiated remotely. The exploit is publicly available and might be used. The project was informed of the problem...

5.8CVSS5.2AI score0.00223EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/04 7:27 p.m.3 views

Weak Password Recovery Mechanism for Forgotten Password

Overview shopware/core is a Shopware platform is the core for all Shopware ecommerce products. Affected versions of this package are vulnerable to Weak Password Recovery Mechanism for Forgotten Password in the userrecovery process. An attacker can gain unauthorized access to any admin account by...

7.6CVSS5.8AI score0.00034EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/02 4:3 a.m.17 views

CVE-2026-10169

A vulnerability was detected in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. Affected by this vulnerability is the function ajaxforgotpassword of the file application/controllers/Login.php of the component Forgot Password Endpoint. The...

6.3CVSS5.1AI score0.00286EPSS
Exploits0References1
NVD
NVD
added 2026/05/31 5:16 a.m.13 views

CVE-2026-10169

A vulnerability was detected in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. Affected by this vulnerability is the function ajaxforgotpassword of the file application/controllers/Login.php of the component Forgot Password Endpoint. The...

6.3CVSS0.00286EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/31 4:45 a.m.15 views

EUVD-2026-33489

A vulnerability was detected in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. Affected by this vulnerability is the function ajaxforgotpassword of the file application/controllers/Login.php of the component Forgot Password Endpoint. The...

6.3CVSS5.1AI score0.00286EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/31 4:45 a.m.40 views

CVE-2026-10169 OUSL-GROUP-BrinaryBrains School Student Management System Forgot Password Endpoint Login.php ajax_forgot_password password recovery

A vulnerability was detected in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. Affected by this vulnerability is the function ajaxforgotpassword of the file application/controllers/Login.php of the component Forgot Password Endpoint. The...

6.3CVSS0.00286EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/31 12:0 a.m.16 views

PT-2026-45172

A vulnerability was detected in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. Affected by this vulnerability is the function ajax forgot password of the file application/controllers/Login.php of the component Forgot Password Endpoint. Th...

6.3CVSS5.1AI score0.00286EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/05/28 2:15 p.m.13 views

CVE-2026-9466

A vulnerability was determined in Tiandy Easy7 Integrated Management Platform 7.17.0. This issue affects some unknown processing of the file /rest/user/updateUserPassword of the component API Endpoint. Executing a manipulation can lead to weak password recovery. The attack can be executed remotel...

6.9CVSS5.7AI score0.00352EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 2:16 a.m.14 views

CVE-2026-9609

A vulnerability was identified in QianFox FoxCMS up to 1.2.6. This affects the function Edit of the file Admin.php. The manipulation leads to weak password recovery. The attack can be initiated remotely. The exploit is publicly available and might be used. The project was informed of the problem...

5.8CVSS0.00223EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/27 12:30 a.m.37 views

CVE-2026-9609 QianFox FoxCMS Admin.php edit password recovery

A vulnerability was identified in QianFox FoxCMS up to 1.2.6. This affects the function Edit of the file Admin.php. The manipulation leads to weak password recovery. The attack can be initiated remotely. The exploit is publicly available and might be used. The project was informed of the problem...

5.8CVSS0.00223EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:30 a.m.10 views

CVE-2026-9609

A vulnerability was identified in QianFox FoxCMS up to 1.2.6. This affects the function Edit of the file Admin.php. The manipulation leads to weak password recovery. The attack can be initiated remotely. The exploit is publicly available and might be used. The project was informed of the problem...

5.8CVSS5.5AI score0.00223EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/05/27 12:30 a.m.15 views

EUVD-2026-32029

A vulnerability was identified in QianFox FoxCMS up to 1.2.6. This affects the function Edit of the file Admin.php. The manipulation leads to weak password recovery. The attack can be initiated remotely. The exploit is publicly available and might be used. The project was informed of the problem...

5.8CVSS5.5AI score0.00223EPSS
Exploits0References5
CVE
CVE
added 2026/05/27 12:30 a.m.21 views

CVE-2026-9609

CVE-2026-9609 affects QianFox FoxCMS up to version 1.2.6, targeting the Admin.php Edit function. The vulnerability enables weak password recovery through manipulation of the admin password flow, with remote initiation. Public exploit code exists, and the issue was reported via an issue but not ye...

5.8CVSS5.5AI score0.00223EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.12 views

PT-2026-43471

A vulnerability was identified in QianFox FoxCMS up to 1.2.6. This affects the function Edit of the file Admin.php. The manipulation leads to weak password recovery. The attack can be initiated remotely. The exploit is publicly available and might be used. The project was informed of the problem...

5.8CVSS5.5AI score0.00223EPSS
Exploits0References6
Rows per page
Query Builder