CVE-2025-70997

A vulnerability has been discovered in eladmin v2.7 and before. This vulnerability allows for an arbitrary user password reset under any user permission level...

CVE-2025-70997

A vulnerability has been discovered in eladmin v2.7 and before. This vulnerability allows for an arbitrary user password reset under any user permission level...

EUVD-2021-18236

Malware in sbrugna...

CVE-2023-47354

An issue in the PowerOffWidgetReceiver function of Super Reboot Root Recovery v1.0.3 allows attackers to arbitrarily reset or power off the device via a crafted intent...

CVE-2023-47354

An issue in the PowerOffWidgetReceiver function of Super Reboot Root Recovery v1.0.3 allows attackers to arbitrarily reset or power off the device via a crafted intent...

Information disclosure

An issue in the PowerOffWidgetReceiver function of Super Reboot Root Recovery v1.0.3 allows attackers to arbitrarily reset or power off the device via a crafted intent...

CVE-2023-46393

gougucms v4.08.18 was discovered to contain a password reset poisoning vulnerability which allows attackers to arbitrarily reset users' passwords via a crafted packet...

CVE-2021-31326

D-Link DIR-816 A2 1.10 B05 allows unauthenticated attackers to arbitrarily reset the device via a crafted tokenid parameter to /goform/form2Reboot.cgi...

CVE-2020-18124

A cross-site request forgery CSRF vulnerability in Indexhibit 2.1.5 allows attackers to arbitrarily reset account passwords...

The Tian Guangan App has a flawed logic vulnerability

Tian Tian Guang'an APP is a life utility software for Guang'an people. There is a logic flaw vulnerability in Tian Tian Guang An APP, which can be exploited by an attacker to arbitrarily reset a user's password...

CVE-2021-24359 The Plus Addons for Elementor Page Builder < 4.1.11 - Arbitrary Reset Pwd Email Sending

The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.11 did not properly check that a user requesting a password reset was the legitimate user, allowing an attacker to send an arbitrary reset password email to a registered user on behalf of the WordPress site. Such issue could b...

The Plus Addons for Elementor Page Builder < 4.1.11 - Arbitrary Reset Pwd Email Sending

The plugin did not properly check that a user requesting a password reset was the legitimate user, allowing an attacker to send an arbitrary reset password email to a registered user on behalf of the WordPress site. Such issue could be chained with an open redirect...

Arbitrary Account Password Reset Vulnerability in Easy Nurse Android App

Easy Nurse Android App is a mobile nursing application. Easy Nurse Android APP has an arbitrary account password reset vulnerability. An attacker can reset any password by grabbing and modifying the password reset function...

ALPINE-CVE-2017-8114

Roundcube Webmail allows arbitrary password resets by authenticated users. This affects versions before 1.0.11, 1.1.x before 1.1.9, and 1.2.x before 1.2.5. The problem is caused by an improperly restricted exec call in the virtualmin and sasl drivers of the password plugin...