GlFusion Cms Arbitrary User Registration Vulnerability

glFusion CMS is a content management and publishing system. glFusion CMS v1.7.9 is vulnerable to arbitrary user registration, which can be exploited by attackers to register using any user's email address...

CVE-2021-44937

glFusion CMS v1.7.9 is affected by an arbitrary user registration vulnerability in /publichtml/users.php. An attacker can register with the mailbox of any user. When users want to register, they will find that the mailbox has been occupied...

Design/Logic Flaw

glFusion CMS v1.7.9 is affected by an arbitrary user registration vulnerability in /publichtml/users.php. An attacker can register with the mailbox of any user. When users want to register, they will find that the mailbox has been occupied...

CVE-2021-44937

CVE-2021-44937 affects glFusion CMS v1.7.9. Descriptions across multiple sources state an arbitrary user registration vulnerability in /public_html/users.php, allowing attackers to register using any user’s mailbox and observe that the mailbox becomes occupied. The root cause is insufficient vali...

GlFusion Cms 授权问题漏洞

glFusion CMS is a content management and publishing system. glFusion CMS v1.7.9 is vulnerable to arbitrary user registration, which can be exploited by attackers to register using any user's email address...

Meal Chain App Has Multiple Vulnerabilities

Meal Chain APP is an ingredient sourcing platform focusing on the restaurant industry. There are arbitrary user registration and arbitrary password reset vulnerabilities in Meal Chain APP. An attacker can register any account and reset any password by capturing the verification code...

Trade Test Grabber App Has Arbitrary User Registration and Arbitrary Password Reset Vulnerabilities

Trade Test Grab App is a third-party service platform integrating trade, testing and inspection. Trade test to grab a single App there are any user registration and any password reset vulnerability, the attacker can register any user and reset any user password by grabbing packets and modifying t...

Comments Off on Arbitrary User Registration and Arbitrary Password Reset Vulnerability in Fruit Tree App

Evaluate Fruit Tree App is a learning and education app. There are arbitrary user registration and arbitrary password reset vulnerabilities in Fruit Tree App, which allow attackers to register any user and reset any user's password by grabbing packets and modifying cell phone numbers...

Parent Helper App Has Multiple Vulnerabilities

Parent's Helper APP is a mobile home-school communication software developed by Beijing Aopeng Distance Education Center Co. The Parent's Helper APP is vulnerable to arbitrary user registration and arbitrary password reset. An attacker can register any account and reset any password by capturing...

Cloud Drops Travel App Has Logic Design Flaws

YunDiTrip is a professional intelligent travel platform based on local Yunnan. There is a logical design loophole in the APP of YunDropTrip. After logging into the system, an attacker can arbitrarily register users and perform unauthorized operations by grabbing packets and modifying cell phone...

There are multiple vulnerabilities in the digital teaching resource platform of Tesco

DSS Digital Teaching Resource Platform is a digital learning platform developed by DSS Information Technology Shenzhen Co., Ltd. which integrates online course production, online teaching, course management, teacher-student interaction and so on. There are arbitrary user registration, privilege...

Mobile movie app has logic design flaws

Mobile Movie App is a video product specially launched for the majority of movie lovers. There is a logical design vulnerability in the mobile movie app. Attackers can use the vulnerability to perform arbitrary user registration, arbitrary password reset operations...

Brush Bracelet App Has Design Logic Flaws

The Brush Bracelet app is a smart wearable device app. There is a design logic vulnerability in Brush Bracelet app. An attacker can exploit the vulnerability to perform arbitrary user registration and arbitrary password reset operations...

Hunan Ding Ding Easily Builds App with Multiple Vulnerabilities

Hunan Ding Ding Easily Build APP is an order-taking tool for engineers. Hunan Ding Ding Easy Build APP has arbitrary user registration, payment flaws and arbitrary password reset vulnerability. Attackers can use the vulnerability to register any cell phone number, modify any user order informatio...

Zhengnuo (Shanghai) Energy Conservation Technology Co., Ltd Opler APP has multiple vulnerabilities

Opler APP is a mobile software with a complete backend management system. Zhengnuo Shanghai Energy Conservation Technology Co., Ltd Opler APP exists arbitrary password reset, arbitrary user registration, override and stored cross-site scripting vulnerabilities. Attackers can use the vulnerability...

Word Diary App Has Multiple Vulnerabilities

Word Diary App is a word memorization app with situational semantics and English-English explanations. Word Diary APP has arbitrary user registration, arbitrary password reset and stored cross-site scripting attack vulnerabilities, which can be exploited by attackers to register any user,...

Small in the open broadcast app has arbitrary user registration vulnerability

Little in the Open App is a powerful mobile app that combines chatting and dating with watching videos. An arbitrary user registration vulnerability exists in version 2.4.3 of Xiao-Jiao-Kaizhan APP, which allows attackers to modify a cell phone number and register an account at will...

Arbitrary User Login Vulnerability in Xiaowei OA System of Beijing Xiaowei Help Technology Co.

Xiaowei OA system is Beijing Xiaowei Help Technology Co., Ltd. to provide mobile office platform for small and medium-sized enterprises. There is an arbitrary user login vulnerability in the Xiaowei OA system that allows attackers to arbitrarily register users to log in to the system and obtain...

WordPress Ajax Search Pro Remote Code Execution Vulnerability

This vulnerability allows any registered user to execute arbitrary functions Usage Info http://localhost/x/wordpress/wp-admin/admin-ajax.php?page=ajax-search-pro/backend/settings.php&action=wpdreams-ajaxinput post data:...

Arbitrary User Registration Vulnerability in Secure Browser of Qihoo 360 Technology Co.

360 Safe Browser has the leading malicious URL database in China, and adopts the cloud checking engine, which can automatically block the malicious URLs such as horse mounting, fraud, Internet banking imitation, etc. The unique "quarantine mode" allows users to visit the Trojan website without...