Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/14 2:46 p.m.8 views

CVE-2025-26341

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/accounts/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to reset arbitrary user passwords via crafted HTTP requests...

9.8CVSS7.3AI score0.01073EPSS
Exploits0References1
OSV
OSV
added 2025/02/12 2:15 p.m.6 views

CVE-2025-26341

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/accounts/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to reset arbitrary user passwords via crafted HTTP requests...

9.8CVSS5.9AI score0.01073EPSS
Exploits0References1
NVD
NVD
added 2025/02/12 2:15 p.m.5 views

CVE-2025-26341

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/accounts/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to reset arbitrary user passwords via crafted HTTP requests...

9.8CVSS0.01073EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/12 1:27 p.m.5 views

CVE-2025-26341

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/accounts/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to reset arbitrary user passwords via crafted HTTP requests...

9.8CVSS9.6AI score0.01073EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/12 1:27 p.m.13 views

CVE-2025-26341

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/accounts/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to reset arbitrary user passwords via crafted HTTP requests...

9.8CVSS0.01073EPSS
Exploits0References1
Rows per page
Query Builder