Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-12468

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki 1.27.0 through 1.32.1. Directly POSTing to Special:ChangeEmail would allow for...

9.8CVSS8AI score0.03427EPSS
Exploits0References2
OSV
OSV
added 2019/07/10 3:15 p.m.1 views

DEBIAN-CVE-2019-12467

MediaWiki through 1.32.1 has Incorrect Access Control issue 1 of 3. A spammer can use Special:ChangeEmail to send out spam with no rate limiting or ability to block them. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6...

5.3CVSS8AI score0.01263EPSS
Exploits0References1
OSV
OSV
added 2019/07/10 3:15 p.m.0 views

DEBIAN-CVE-2019-12468

An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki 1.27.0 through 1.32.1. Directly POSTing to Special:ChangeEmail would allow for bypassing re-authentication, allowing for potential account takeover...

9.8CVSS6.9AI score0.03427EPSS
Exploits0References1
OSV
OSV
added 2019/07/10 3:15 p.m.2 views

UBUNTU-CVE-2019-12468

An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki 1.27.0 through 1.32.1. Directly POSTing to Special:ChangeEmail would allow for bypassing re-authentication, allowing for potential account takeover...

9.8CVSS7.2AI score0.03427EPSS
Exploits0References4
OSV
OSV
added 2019/07/10 3:15 p.m.1 views

UBUNTU-CVE-2019-12467

MediaWiki through 1.32.1 has Incorrect Access Control issue 1 of 3. A spammer can use Special:ChangeEmail to send out spam with no rate limiting or ability to block them. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6...

5.3CVSS6.4AI score0.01263EPSS
Exploits0References4
Friends Of PHP
Friends Of PHP
added 2019/05/30 8:55 p.m.19 views

Direct POST to Special:ChangeEmail will bypass reauth check

More info at https://phabricator.wikimedia.org/T197279...

9.8CVSS7.2AI score0.03427EPSS
Exploits0Affected Software1
NVD
NVD
added 2006/12/14 6:28 p.m.20 views

CVE-2006-6548

Multiple cross-site scripting XSS vulnerabilities in cPanel WebHost Manager WHM 3.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the domain parameter to 1 scripts2/changeemail, 2 scripts2/limitbw, or 3 scripts/rearrangeacct. NOTE: the feature parameter to...

3.5CVSS5.4AI score0.00842EPSS
Exploits0References4
Rows per page
Query Builder