2419 matches found
JFrog Artifactory 6.7.3 - Admin Login Bypass
JFrog Artifactory 6.7.3 is vulnerable to an admin login bypass issue because by default the access-admin account is used to reset the password of the admin account. While this is only allowable from a connection directly from localhost, providing an X-Forwarded-For HTTP header to the request allo...
SonicWall Email Security <= 10.0.9.x - Unauthenticated Admin Account Creation
SonicWall Email Security version 10.0.9.x allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host. id: CVE-2021-20021 info: name: SonicWall Email Security = 10.0.9.x - Unauthenticated Admin Account Creation author: pussycat0x severity: critical...
CVE-2026-12761
Summary (CVE-2026-12761) The miniOrange Social Login and Register plugin for WordPress is vulnerable through the Profile Completion OTP flow in versions up to and including 7.7.0. The flow accepts an arbitrary email via the email_field POST parameter and does not verify that the email belongs to ...
PT-2026-57277
Name of the Vulnerable Software and Affected Versions miniOrange Social Login and Register Discord, Google, Twitter, LinkedIn versions prior to 7.7.1 Description An authentication bypass exists in the Profile Completion flow that allows for account takeover. The issue occurs because the plugin...
CVE-2026-55207
CVE-2026-55207 affects Pimcore: an unauthenticated attacker who knows a valid admin username can hijack an admin account by abusing a malicious resetPasswordUrl in a password reset request. The server generates a real cryptographic recovery token, appends it to the attacker-controlled URL, emails...
CVE-2026-54801
A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.20, SICORE Base system All versions V26.20.0. The affected application contains insufficient validation of authentication credentials when processing administrative account modifications through the we...
CVE-2026-14245
The miniOrange OTP Login, Verification and SMS Notifications plugin for WordPress is vulnerable to Authentication Bypass leading to Administrator Account Takeover in all versions up to, and including, 5.5.1. This is due to the umresetpasswordprocesshook function performing no server-side...
EUVD-2026-42543
The miniOrange OTP Login, Verification and SMS Notifications plugin for WordPress is vulnerable to Authentication Bypass leading to Administrator Account Takeover in all versions up to, and including, 5.5.1. This is due to the umresetpasswordprocesshook function performing no server-side...
PT-2026-56933
Name of the Vulnerable Software and Affected Versions Pimcore versions prior to 2025.4.6 Pimcore versions prior to 2026.1.6 Description An unauthenticated attacker who knows a valid admin username can take over an admin account by sending a password reset request containing an attacker-controlled...
Palo Alto Expedition - Admin Account Takeover
Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition. id: CVE-2024-5910 info: name: Palo Alto Expedition - Admin Account Takeover author: johnk3r severity: critical...
EUVD-2026-39943
The Invoice Generator plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the pravelinvoiceeditaccount AJAX action in versions up to, and including, 1.0.0. The handler is exposed via wpajaxnoprivpravelinvoiceeditaccount, accepts an attacker-controlled...
EUVD-2026-39925
The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls, which are not required to be changed during initial configuration or operation. Using these accounts provides full system access...
CVE-2026-31928
The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls, which are not required to be changed during initial configuration or operation. Using these accounts provides full system access...
CVE-2026-31928 Daktronics Controller Firmware Use of Hard-coded Credentials
The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls, which are not required to be changed during initial configuration or operation. Using these accounts provides full system access...
CVE-2026-31928
The CVE-2026-31928 entry concerns DMP-5000 devices shipped with a default administrative web account and weak authentication controls that are not required to be changed during initial configuration or operation, enabling full system access if exploited. The issue is tied to hard-coded/default cr...
PT-2026-52988
Name of the Vulnerable Software and Affected Versions DMP-5000 affected versions not specified Description Devices are shipped with a default administrative web account that utilizes weak authentication controls. These credentials are not required to be changed during the initial configuration or...
CVE-2026-57520
Bitwarden Server prior to 2026.5.0 is affected by a privilege-escalation vulnerability in the bulk user-remove endpoint. The issue arises from a missing role hierarchy check, allowing authenticated Custom users with ManageUsers permission to remove Admin accounts from an organization by supplying...
External Initialization of Trusted Variables or Data Stores
Overview Affected versions of this package are vulnerable to External Initialization of Trusted Variables or Data Stores in the installation process when the Forwarded, X-Client-IP, or X-Real-IP headers are set by a reverse proxy. An attacker can gain unauthorized administrative access by remotel...
Ivanti Endpoint Manager Mobile (EPMM) - Authentication Bypass
Ivanti Endpoint Manager Mobile EPMM, formerly MobileIron Core, through 11.10 allows remote attackers to obtain PII, add an administrative account, and change the configuration because of an authentication bypass, as exploited in the wild in July 2023. A patch is available. id: CVE-2023-35078 info...
CVE-2026-8935
The WP MAPS PRO WordPress plugin before 6.1.1 registers an unauthenticated AJAX action which, given a valid nonce that is publicly emitted on any frontend page enqueuing its map script, unconditionally creates an administrator account and returns a magic-login URL granting interactive admin acces...