Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

28 matches found

Cvelist
Cvelistadded 2023/04/14 12:0 a.m.32 views

CVE-2022-45174

An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Bypass of Two-Factor Authentication for SAML Users can occur under the /login/backupcode endpoint and the /api/v1/vdeskintegration/challenge endpoint. The correctness of the TOTP is not checked properly, and can be bypassed by...

9.8AI score0.01033EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2023/04/14 12:0 a.m.6 views

CVE-2022-45174

An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Bypass of Two-Factor Authentication for SAML Users can occur under the /login/backupcode endpoint and the /api/v1/vdeskintegration/challenge endpoint. The correctness of the TOTP is not checked properly, and can be bypassed by...

7.2AI score0.01033EPSS
Exploits1References1
OSV
OSVadded 2022/04/19 9:15 p.m.2 views

CVE-2022-0993

The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows unauthenticated users to log in as administrative users due to missing identity verification on the 2FA back-up code implementation that logs users in upon success. This affects versions up to, and...

9.8CVSS7.3AI score0.07467EPSS
Exploits2References3
Prion
Prionadded 2022/04/19 9:15 p.m.17 views

Authentication flaw

The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows unauthenticated users to log in as administrative users due to missing identity verification on the 2FA back-up code implementation that logs users in upon success. This affects versions up to, and...

7.5CVSS9.6AI score0.07467EPSS
Exploits2References3Affected Software1
Vulnrichment
Vulnrichmentadded 2022/04/19 8:26 p.m.10 views

CVE-2022-0993

The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows unauthenticated users to log in as administrative users due to missing identity verification on the 2FA back-up code implementation that logs users in upon success. This affects versions up to, and...

8.1CVSS7.3AI score0.07467EPSS
Exploits2References3
Positive Technologies
Positive Technologiesadded 2022/04/19 12:0 a.m.5 views

PT-2022-13578 · Siteground · Siteground Security Plugin

Name of the Vulnerable Software and Affected Versions: SiteGround Security plugin for WordPress versions up to, and including, 1.2.5 Description: The issue allows unauthenticated users to log in as administrative users due to missing identity verification on the 2FA back-up code implementation th...

9.8CVSS9.6AI score0.07467EPSS
Exploits2References9
ThreatPost
ThreatPostadded 2013/08/07 10:10 a.m.11 views

New Twitter Login Verification System Avoids SMS Codes

Twitter is rolling out an updated login verification system for iPhone and Android that uses a novel cryptographic scheme that is designed to be resilient against attack and ensures that the private key never leaves the user’s device. The system doesn’t rely on SMS to send codes to users for logi...

6.7AI score
Exploits0References3
Exploit DB
Exploit DBadded 2009/02/06 12:0 a.m.31 views

Mailist 3.0 - Insecure Backup / Local File Inclusion

Mailist 3.0 Insecure Backup/Local File Inclusion + Discovered By SirGod + www.mortal-team.org + www.h4cky0u.org + www.hellzone.info + www.anti-intruders.org + Homepage : http://ninjadesigns.co.uk/ + Download : http://ninjadesigns.co.uk/enter/mailist.zip + Insecure Backup - Vulnerable code in...

7.4AI score
Exploits0
Rows per page
Query Builder