Lucene search
+L

5 matches found

Circl
Circl
added 2025/05/14 4:33 p.m.11 views

CVE-2025-47781

creationtimestamp| type| source ---|---|--- 2025-05-14 16:33:49+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/16330 2025-05-14 16:38:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lp5gqad37u2t...

9.8CVSS4.8AI score0.00534EPSS
Exploits1References2
NVD
NVD
added 2025/05/14 4:15 p.m.21 views

CVE-2025-47781

Rallly is an open-source scheduling and collaboration tool. Versions up to and including 3.22.1 of the application features token based authentication. When a user attempts to login to the application, they insert their email and a 6 digit code is sent to their email address to complete the...

9.8CVSS0.00534EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/14 3:52 p.m.9 views

CVE-2025-47781 Rallly Insufficient Password Login Token Entropy Leads to Account Takeover

Rallly is an open-source scheduling and collaboration tool. Versions up to and including 3.22.1 of the application features token based authentication. When a user attempts to login to the application, they insert their email and a 6 digit code is sent to their email address to complete the...

9.8CVSS7.3AI score0.00534EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/14 3:52 p.m.28 views

CVE-2025-47781 Rallly Insufficient Password Login Token Entropy Leads to Account Takeover

Rallly is an open-source scheduling and collaboration tool. Versions up to and including 3.22.1 of the application features token based authentication. When a user attempts to login to the application, they insert their email and a 6 digit code is sent to their email address to complete the...

9.8CVSS0.00534EPSS
Exploits1References1
CVE
CVE
added 2025/05/14 3:52 p.m.69 views

CVE-2025-47781

CVE-2025-47781 targets Rallly, an open-source scheduling tool. A 6-digit login token with weak entropy and no brute-force protection lets an unauthenticated attacker, knowing a valid email, brute-force the token within 15 minutes, potentially taking over the user’s account. Affected versions: up ...

9.8CVSS9.6AI score0.00534EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder