Lucene search
K

9 matches found

CNVD
CNVD
added 2025/06/06 12:0 a.m.2 views

FreeScout Security Bypass Vulnerability

FreeScout is an ultra-lightweight and powerful free open source helpdesk and shared inbox built using PHP Laravel framework by FreeScout. FreeScout suffers from a security bypass vulnerability that can be exploited by an attacker to gain initial access to an account by leveraging an invitation li...

9.8CVSS7.2AI score0.00452EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/05/30 12:0 a.m.5 views

FreeScout 安全漏洞

FreeScout is an ultra-lightweight and powerful free open source helpdesk and shared inbox built using PHP Laravel framework by FreeScout. FreeScout suffers from a security bypass vulnerability that can be exploited by an attacker to gain initial access to an account by leveraging an invitation li...

9.8CVSS7AI score0.00452EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 10:30 a.m.5 views

CVE-2019-5468

An privilege escalation issue was discovered in Gitlab versions 12.1.2, 12.0.4, and 11.11.6 when Mattermost slash commands are used with a blocked account...

8.8CVSS7.3AI score0.02142EPSS
Exploits1References1
OSV
OSV
added 2023/12/12 1:15 a.m.3 views

CVE-2023-42481

In SAP Commerce Cloud - versions HYCOM 1905, HYCOM 2005, HYCOM2105, HYCOM 2011, HYCOM 2205, COMCLOUD 2211, a locked B2B user can misuse the forgotten password functionality to un-block his user account again and re-gain access if SAP Commerce Cloud - Composable Storefront is used as storefront, d...

8.1CVSS5.7AI score0.00521EPSS
Exploits0References2
Code423n4
Code423n4
added 2023/11/15 12:0 a.m.8 views

Upgraded Q -> 2 from #481 [1700080840600]

Judge has assessed an item in Issue 481 as 2 risk. The relevant finding follows: A blocked/sanctioned account can still received interest --- The text was updated successfully, but these errors were encountered: All reactions...

7.1AI score
Exploits0
OSV
OSV
added 2022/01/05 5:6 p.m.4 views

DRUPAL-CONTRIB-2022-001

This module enables you to login with an email address. The module doesn't sufficiently check if a user account is active when using email login. This vulnerability is mitigated by the fact that an attacker must have an account in the website that is blocked...

6.7AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2020/01/28 3:15 a.m.41 views

CVE-2019-5468

An privilege escalation issue was discovered in Gitlab versions 12.1.2, 12.0.4, and 11.11.6 when Mattermost slash commands are used with a blocked account...

8.8CVSS7.2AI score0.02142EPSS
Exploits1References2
Cvelist
Cvelist
added 2020/01/28 2:44 a.m.25 views

CVE-2019-5468

An privilege escalation issue was discovered in Gitlab versions 12.1.2, 12.0.4, and 11.11.6 when Mattermost slash commands are used with a blocked account...

8.9AI score0.02142EPSS
Exploits1References3
Prion
Prion
added 2017/04/20 5:59 p.m.15 views

Information disclosure

MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1, when $wgBlockDisablesLogin is true, might allow remote attackers to obtain sensitive information by leveraging failure to terminate sessions when a user account is blocked...

5CVSS6.5AI score0.01547EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder