32 matches found
EUVD-2017-4234
Malware in sbrugna...
EUVD-2018-4624
Malware in sbrugna...
EUVD-2019-15038
Malware in sbrugna...
EUVD-2020-10053
Malware in sbrugna...
CVE-2023-22518
All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perfo...
Code injection
Apache StreamPark 1.0.0 before 2.0.0 When the user successfully logs in, to modify his profile, the username will be passed to the server-layer as a parameter, but not verified whether the user name is the currently logged user and whether the user is legal, This will allow malicious attackers to...
CVE-2022-46365 Apache StreamPark (incubating): Logic error causing any account reset
Apache StreamPark 1.0.0 before 2.0.0 When the user successfully logs in, to modify his profile, the username will be passed to the server-layer as a parameter, but not verified whether the user name is the currently logged user and whether the user is legal, This will allow malicious attackers to...
CVE-2022-46365 Apache StreamPark (incubating): Logic error causing any account reset
Apache StreamPark 1.0.0 before 2.0.0 When the user successfully logs in, to modify his profile, the username will be passed to the server-layer as a parameter, but not verified whether the user name is the currently logged user and whether the user is legal, This will allow malicious attackers to...
LDAP Tool Box Self Service Password v1.5.2 - Account takeover Vulnerability
Exploit Title: LDAP Tool Box Self Service Password v1.5.2 - Account takeover Exploit Author: Tahar BENNACEF aka tar.gz Software Link: https://github.com/ltb-project/self-service-password Version: 1.5.2 Tested on: Ubuntu Self Service Password is a PHP application that allows users to change their...
Twitter reset account Private Method 0day Exploit
Twitter reset any Account Private Method Exploit...
Hotmail.com reset account 0day Exploit
Hotmail.com 0day Exploit can reset any email account...
CVE-2020-36498
Macrob7 Macs Framework Content Management System - 1.14f contains a cross-site scripting XSS vulnerability in the account reset function, which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the e-mail input field...
CVE-2020-36498
Macrob7 Macs Framework Content Management System - 1.14f contains a cross-site scripting XSS vulnerability in the account reset function, which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the e-mail input field...
Cross site scripting
Macrob7 Macs Framework Content Management System - 1.14f contains a cross-site scripting XSS vulnerability in the account reset function, which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the e-mail input field...
CVE-2020-36498
The CVE-2020-36498 entry concerns Macrob7 Macs Framework Content Management System (CMS) v1.14f. A cross-site scripting (XSS) vulnerability exists in the account reset function, allowing an attacker to execute arbitrary web scripts or HTML via a crafted payload in the email input field. The issue...
CVE-2020-36498
Macrob7 Macs Framework Content Management System - 1.14f contains a cross-site scripting XSS vulnerability in the account reset function, which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the e-mail input field...
CVE-2020-25562
In SapphireIMS 5.0, there is no CSRF token present in the entire application. This can lead to CSRF vulnerabilities in critical application forms like account resent...
Optergy BMS 2.0.3a Account Reset / Username Disclosure
Optergy BMS Account Reset and Username Disclosure Affected version djuro teppi view alerton stef humba drmio de3 andri myko dzonka kosto beebee Administrator...
CVE-2018-12669
SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow remote authenticated users to reset arbitrary accounts via a request to web/cgi-bin/hi3510/param.cgi...
CVE-2018-12669
SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow remote authenticated users to reset arbitrary accounts via a request to web/cgi-bin/hi3510/param.cgi...