Lucene search
+L

4 matches found

NVD
NVD
added 2025/01/13 8:15 p.m.18 views

CVE-2025-22144

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. A user with admincp.core.emails or admincp.users.edit permissions can validate users and an attacker can reset their password. When the account is successfully approved by email the reset code is NULL, but when t...

9.8CVSS0.00742EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/01/13 7:49 p.m.7 views

CVE-2025-22144 Account Takeover in NamelessMC

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. A user with admincp.core.emails or admincp.users.edit permissions can validate users and an attacker can reset their password. When the account is successfully approved by email the reset code is NULL, but when t...

9CVSS6.8AI score0.00742EPSS
Exploits1References2
CVE
CVE
added 2025/01/13 7:49 p.m.60 views

CVE-2025-22144

NamelessMC (web software for Minecraft servers) contains a vulnerability where a user with admincp.core.emails or admincp.users.edit permissions can manually validate another user, causing reset_code to become empty and enabling password reset via the forgot_password endpoint. This can allow an a...

9.8CVSS6.8AI score0.00742EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2025/01/13 7:49 p.m.10 views

CVE-2025-22144 Account Takeover in NamelessMC

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. A user with admincp.core.emails or admincp.users.edit permissions can validate users and an attacker can reset their password. When the account is successfully approved by email the reset code is NULL, but when t...

9CVSS7.1AI score0.00742EPSS
Exploits1References4
Rows per page
Query Builder