4 matches found
The vulnerability of the Blitz Identity Provider software lies in its insufficient limitation on the number of authentication attempts. This allows a hacker to associate any arbitrary email address with a user account.
The vulnerability of the Blitz Identity Provider software is related to insufficient restrictions on authentication attempts. Exploiting this vulnerability allows a malicious actor to associate any email address with a user account...
VM Backups <= 1.0 - CSRF to Database Backup Download
The plugin does not have CSRF checks, allowing attackers to make a logged-in user perform unwanted actions, such as generating backups of the DB, plugins, and current theme. The files will be created in the uploads directory by default, with a timestamp in their filenames, without any access restriction,...
Cisco Unity Connection Mail Relay Vulnerability
Cisco Unity Connection (UC) is a voice messaging platform from Cisco USA. The platform can use voice commands to make phone calls or listen to messages in a "hands-free" manner. SMTP relay is one of the mail relay forwarding components. A security vulnerability exists in SMTP relay in Cisco UC, which...
phpCollegeExchange 0.1.5c Multiple SQL Injection Vulnerabilities
Exploit for unknown platform in category web applications. phpCollegeExchange 0.1.5c Multiple SQL Injection Vulnerabilities. phpCollegeExchange 0.1.5c Multiple SQL...