Lucene search
K

5 matches found

OSV
OSV
added 2022/05/17 2:46 a.m.16 views

GHSA-WM7G-RMGG-9837 GeniXCMS Arbitrary User Password Reset Vulnerability

forgotpassword.php in GeniXCMS lacks a rate limit, which might allow remote attackers to cause a denial of service login inability or possibly conduct Arbitrary User Password Reset attacks via a series of requests...

9.1CVSS9.2AI score0.01618EPSS
Exploits0References4
NVD
NVD
added 2017/05/08 6:29 a.m.18 views

CVE-2017-8827

forgotpassword.php in GeniXCMS 1.0.2 lacks a rate limit, which might allow remote attackers to cause a denial of service login inability or possibly conduct Arbitrary User Password Reset attacks via a series of requests...

9.1CVSS9.1AI score0.01618EPSS
Exploits0References1
Prion
Prion
added 2017/05/08 6:29 a.m.14 views

Default credentials

forgotpassword.php in GeniXCMS 1.0.2 lacks a rate limit, which might allow remote attackers to cause a denial of service login inability or possibly conduct Arbitrary User Password Reset attacks via a series of requests...

6.4CVSS9AI score0.01618EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2017/05/08 6:10 a.m.52 views

CVE-2017-8827

CVE-2017-8827 affects GeniXCMS 1.0.2: the forgotpassword.php endpoint lacks rate limiting, enabling a remote attacker to cause login denial of service or potentially perform arbitrary user password reset attacks via repeated requests. The available connected documents corroborate the same descrip...

9.1CVSS9.1AI score0.01618EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2016/06/13 2:0 p.m.25 views

CVE-2016-1543

The RPC API in the RSCD agent in BMC BladeLogic Server Automation BSA 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and UNIX allows remote attackers to bypass authorization and reset arbitrary user passwords by sending an action packet to xmlrpc after an authorization failure...

7.5AI score0.71854EPSS
Exploits8References6
Rows per page
Query Builder