33 matches found
CVE-2026-56780
Modoboa prior to version 2.9.0 contains an insecure direct object reference in the PUT /api/v1/accounts/{pk}/password/ API. This flaw allows domain administrators to bypass object‑level access controls and change any user’s password, enabling full account takeover by resetting superadmin password...
Exploit for CVE-2025-2304
CVE-2025-2304-POC PoC for CVE-2025-2304 — Camaleon CMS 2.9.0...
CVE-2026-36607
Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 allows unauthenticated brute-force attacks via the TDDP password change endpoint code=10, which lacks the rate limiting applied to the login endpoint code=7. An attacker on the adjacent network can attempt unlimited passwords without...
CVE-2026-36607
Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 allows unauthenticated brute-force attacks via the TDDP password change endpoint code=10, which lacks the rate limiting applied to the login endpoint code=7. An attacker on the adjacent network can attempt unlimited passwords without...
CVE-2026-36607
Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 allows unauthenticated brute-force attacks via the TDDP password change endpoint code=10, which lacks the rate limiting applied to the login endpoint code=7. An attacker on the adjacent network can attempt unlimited passwords without...
EUVD-2026-34146
Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 allows unauthenticated brute-force attacks via the TDDP password change endpoint code=10, which lacks the rate limiting applied to the login endpoint code=7. An attacker on the adjacent network can attempt unlimited passwords without...
Mercusys AC12G 授权问题漏洞
The Mercusys AC12G is a Gigabit wireless router produced by the Chinese company Mercusys. The Mercusys AC12G EU V1 AC12G EU V1 version has a security vulnerability. This vulnerability stems from the lack of rate limiting on the TDDP password change endpoint, which may allow neighboring network...
CVE-2026-38566
CVE-2026-38566 affects HireFlow v1.2. The issue is CSRF on all state-changing POST endpoints (e.g., /profile password change, /candidates/delete/, /feedback/add/, /interviews/add) due to missing CSRF token validation and no SESSION_COOKIE_SAMESITE configuration. Root cause: CSRF token validation ...
PT-2026-33986
Dovestones Softwares AD Self Update 4.0.0.5 is vulnerable to Cross Site Request Forgery CSRF. The affected endpoint processes state-changing requests without requiring a CSRF token or equivalent protection. The endpoint accepts application/x-www-form-urlencoded requests, and an originally...
Nexxt Solutions Nebula 300+ 安全漏洞
The Nexxt Solutions Nebula 300+ is a wireless router produced by the American company Nexxt Solutions. Versions of the Nebula 300+ prior to 12.01.01.37 contain security vulnerabilities. These vulnerabilities stem from the lack of cross-site request forgery protection in the status change manageme...
BIT-DISCOURSE-2025-68659 Discourse has DoS vulnerability in username change endpoint
Discourse is an open source discussion platform. Versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0 have an application level denial of service vulnerabilityin the username change functionality at try.discourse.org. The vulnerability allows attackers to cause noticeable server delays and...
CVE-2025-68659 Discourse has DoS vulnerability in username change endpoint
Discourse is an open source discussion platform. Versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0 have an application level denial of service vulnerabilityin the username change functionality at try.discourse.org. The vulnerability allows attackers to cause noticeable server delays and...
CVE-2025-68659 Discourse has DoS vulnerability in username change endpoint
Discourse is an open source discussion platform. Versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0 have an application level denial of service vulnerabilityin the username change functionality at try.discourse.org. The vulnerability allows attackers to cause noticeable server delays and...
EUVD-2026-1884
OpenProject is an open-source, web-based project management software. Prior to version 16.6.2, OpenProject’s unauthenticated password-change endpoint /account/changepassword was not protected by the same brute-force safeguards that apply to the normal login form. In affected versions, an attacker...
CVE-2026-22603 OpenProject has no protection against brute-force attacks in the Change Password function
OpenProject is an open-source, web-based project management software. Prior to version 16.6.2, OpenProject’s unauthenticated password-change endpoint /account/changepassword was not protected by the same brute-force safeguards that apply to the normal login form. In affected versions, an attacker...
OpenProject 安全漏洞
OpenProject is a web-based project management software from OpenProject Open Source. A security vulnerability exists in OpenProject versions prior to 16.6.2 that stems from a lack of brute force protection in an unprotected password change endpoint, which could lead to account cracking and...
Cross-site Request Forgery (CSRF)
Overview Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the port-change endpoint in the web port configuration process. An attacker can cause service disruption or loss of access by tricking an authenticated user into submitting a crafted request, which...
GHSA-WRVC-X3WF-J5F5 1Panel contains a cross-site request forgery (CSRF) vulnerability in the web port configuration functionality
1Panel versions 1.10.33 - 2.0.15 contain a cross-site request forgery CSRF vulnerability in the web port configuration functionality. The port-change endpoint lacks CSRF defenses such as anti-CSRF tokens or Origin/Referer validation. An attacker can craft a malicious webpage that submits a...
CVE-2025-63207
The CVE-2025-63207 affects R.V.R Elettronica TEX: firmware TEXL-000400 and Web GUI TLAN-000400. It describes a broken access control flaw due to improper authentication checks on the /_Passwd.html endpoint, allowing an unauthenticated POST that can change Admin, Operator, and User passwords and p...
CVE-2025-63800
The password change endpoint in Open Source Point of Sale 3.4.1 allows users to set their account password to an empty string due to missing server-side validation. When an authenticated user omits or leaves the password and repeatpassword parameters empty in the password change request, the...