6 matches found
CVE-2025-26485
A vulnerability in Beta80 Life 1st enables the retrieval of different error messages for failed authentication attempts in case of the usage of a wrong password or a non existent user. The difference in the returned error messages could be used by attackers to understand whether a certain user is...
CVE-2025-26485
creationtimestamp| type| source ---|---|--- 2025-03-19 18:43:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkqtnbxbgx26 2025-03-19 18:49:30+00:00| seen| https://t.me/cvedetector/20653 2025-08-12 13:33:27+00:00| seen| MISP/02fb130c-7874-4693-9b66-81ed91a2e996 2025-08-21...
CVE-2025-26485
A vulnerability in Beta80 Life 1st enables the retrieval of different error messages for failed authentication attempts in case of the usage of a wrong password or a non existent user. The difference in the returned error messages could be used by attackers to understand whether a certain user is...
CVE-2025-26485
A vulnerability in Beta80 Life 1st enables the retrieval of different error messages for failed authentication attempts in case of the usage of a wrong password or a non existent user. The difference in the returned error messages could be used by attackers to understand whether a certain user is...
CVE-2025-26485
A vulnerability in Beta80 Life 1st enables the retrieval of different error messages for failed authentication attempts in case of the usage of a wrong password or a non existent user. The difference in the returned error messages could be used by attackers to understand whether a certain user is...
CVE-2025-26485
The CVE-2025-26485 entry describes a vulnerability in Beta80 Life 1st (affected version: 1.5.2.14234) where authentication error handling reveals differing messages for wrong passwords versus non-existent users. This enables potential user enumeration and information disclosure about registered i...