4 matches found
PT-2024-31867 · Unknown · Bookreviewlibrary
Name of the Vulnerable Software and Affected Versions: BookReviewLibrary version 1.0
Description: A host header injection issue allows attackers to obtain the password reset token via user interaction with a crafted password reset link. This is achieved through manipulating the host header, which...
PT-2024-31868 · Scheduler · Scheduler
Name of the Vulnerable Software and Affected Versions: scheduleR version 0.0.18
Description: A host header injection vulnerability allows attackers to obtain the password reset token via user interaction with a crafted password reset link. This enables attackers to arbitrarily reset other users'...
PT-2024-22887 · Entrust · E-Trust Horacius
Name of the Vulnerable Software and Affected Versions: e-trust Horacius versions 1.0 through 1.2
Description: The issue allows a local attacker to escalate privileges via the password reset function. It is described as an Insecure Permissions vulnerability, enabling unauthenticated privilege...
PT-2024-19555 · Unknown · Bdtask G-Prescription Gynaecology & Obs Consultation
Name of the Vulnerable Software and Affected Versions: Bdtask G-Prescription Gynaecology & OBS Consultation Software version 1.0
Description: A vulnerability was found in the Password Reset Handler component, specifically affecting some unknown functionality of the file /Setting/change password...