Lucene search
K

10 matches found

Positive Technologies
Positive Technologies
added 2026/05/15 12:0 a.m.11 views

PT-2026-41301

Medical Management System a81df1ce700a9662cb136b27af47f4cbde64156b is vulnerable to Insecure Permissions, which allows arbitrary user password reset...

5.9AI score0.00218EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/04 12:0 a.m.6 views

ELADMIN 安全漏洞

ELADMIN is a backend management system developed by elunez’s individual developer. Versions of ELADMIN 2.7 and earlier contained security vulnerabilities. These vulnerabilities stemmed from a vulnerability allowing arbitrary user password resets, which could lead to password resets at any user...

8.1CVSS5.9AI score0.00187EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-17076

Malware in sbrugna...

8.8CVSS8.6AI score0.03471EPSS
Exploits1References7
CVE
CVE
added 2024/09/26 12:0 a.m.45 views

CVE-2024-45982

CVE-2024-45982 affects scheduleR v0.0.18 and is described as a host header injection vulnerability. The underlying issue allows an attacker to obtain a password reset token by user interaction with a crafted password reset link, enabling arbitrary password resets and account compromise. The Red H...

8.8CVSS7.2AI score0.00347EPSS
Exploits0References1
CVE
CVE
added 2024/07/26 12:0 a.m.62 views

CVE-2024-26520

The CVE-2024-26520 entry concerns Hangzhou Xiongwei Technology Development Co., Ltd. Restaurant Digital Comprehensive Management platform v1. Multiple connected sources confirm a vulnerability where an attacker can bypass authentication and perform arbitrary password resets. This affects the Rest...

9.8CVSS7.5AI score0.0051EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/26 12:0 a.m.16 views

CVE-2024-26520

An issue in Hangzhou Xiongwei Technology Development Co., Ltd. Restaurant Digital Comprehensive Management platform v1 allows an attacker to bypass authentication and perform arbitrary password resets...

0.0051EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2018/01/24 12:0 a.m.22 views

Debian: Security Advisory (DLA-933-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.7AI score0.03471EPSS
Exploits1References3
CNVD
CNVD
added 2017/07/31 12:0 a.m.2 views

Brush Bracelet App Has Design Logic Flaws

The Brush Bracelet app is a smart wearable device app. There is a design logic vulnerability in Brush Bracelet app. An attacker can exploit the vulnerability to perform arbitrary user registration and arbitrary password reset operations...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/05/08 12:0 a.m.42 views

Debian DLA-933-1 : roundcube security update

Roundcube Webmail allows arbitrary password resets by authenticated users. The issue is caused by an improperly restricted exec call in the virtualmin and sasl drivers of the password plugin. For Debian 7 'Wheezy', these problems have been fixed in version 0.7.2-9+deb7u7. We recommend that you...

8.8CVSS8AI score0.03471EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2016/02/12 12:0 a.m.6 views

The vulnerability of the AD Self Password Reset password reset tool allows a hacker to reset arbitrary passwords.

The vulnerability of the PasswordReset.Controllers.ResetController.ChangePasswordIndex method PasswordReset.dll, a password reset tool for AD Self Password Reset, is related to access control deficiencies. Exploiting this vulnerability could allow an attacker, operating remotely, to reset arbitra...

7.5CVSS7.9AI score0.0238EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder