3 matches found
PT-2026-1071
Name of the Vulnerable Software and Affected Versions QNAP versions prior to 5.2.6.3195 build 20250715 QNAP QuTS hero versions prior to 5.2.6.3195 build 20250715 Description A flaw exists where resources can be allocated without limits or throttling. If an attacker obtains a user account, they ma...
CVE-2025-3091
An low privileged remote attacker in possession of the second factor for another user can login as that user without knowledge of the other users password...
Host Header Injection
remdex/livehelperchat is vulnerable to host header injection. The library does not properly validate the URL for password reset which allows a malicious attacker to generate a fake password link and take over the user account...