15 matches found
PT-2026-23115
Name of the Vulnerable Software and Affected Versions Drupal OpenID Connect / OAuth client versions prior to 1.5.0 Description A flaw exists in the OpenID Connect / OAuth client module that allows for privilege escalation due to improper handling of case sensitivity. The module does not adequatel...
CVE-2020-10240
An issue was discovered in Joomla! before 3.9.16. Missing length checks in the user table can lead to the creation of users with duplicate usernames and/or email addresses...
Improper Input Validation
thorsten/phpmyfaq is vulnerable to improper input validation. The vulnerability is due to the application's failure to enforce unique email addresses during registration, which allows an attacker to create multiple accounts with the same email and potentially exploit this for account ambiguity,...
CVE-2025-61775
Vickey is a Misskey-based microblogging platform. A vulnerability exists in Vickey prior to version 2025.10.0 where unexpired email confirmation links can be reused multiple times to send repeated confirmation emails to a verified email address. Under certain conditions, a verified email address...
phpMyFAQ 4.0.7 < 4.0.13 Privilege Escalation Vulnerability (GHSA-9wj2-4hcm-r74j)
phpMyFAQ is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpmyfaq:phpmyfaq"; if...
CVE-2025-59943
phpMyFAQ is an open source FAQ web application. Versions 4.0-nightly-2025-10-03 and below do not enforce uniqueness of email addresses during user registration. This allows multiple distinct accounts to be created with the same email. Because email is often used as an identifier for password...
CVE-2025-59943
phpMyFAQ is an open source FAQ web application. Versions 4.0-nightly-2025-10-03 and below do not enforce uniqueness of email addresses during user registration. This allows multiple distinct accounts to be created with the same email. Because email is often used as an identifier for password...
CVE-2025-59943 phpMyFAQ duplicate email registration allows multiple accounts with the same email
phpMyFAQ is an open source FAQ web application. Versions 4.0-nightly-2025-10-03 and below do not enforce uniqueness of email addresses during user registration. This allows multiple distinct accounts to be created with the same email. Because email is often used as an identifier for password...
CVE-2025-59943 phpMyFAQ duplicate email registration allows multiple accounts with the same email
phpMyFAQ is an open source FAQ web application. Versions 4.0-nightly-2025-10-03 and below do not enforce uniqueness of email addresses during user registration. This allows multiple distinct accounts to be created with the same email. Because email is often used as an identifier for password...
CVE-2025-59943
CVE-2025-59943 affects phpMyFAQ prior to 4.0.13. Versions 4.0-nightly-2025-10-03 and earlier fail to enforce unique email addresses during user registration, allowing multiple distinct accounts to share the same email. This can cause account ambiguity and, in certain configurations, may lead to p...
GHSA-9WJ2-4HCM-R74J phpMyFAQ duplicate email registration allows multiple accounts with the same email
Summary phpMyFAQ does not enforce uniqueness of email addresses during user registration. This allows multiple distinct accounts to be created with the same email. Because email is often used as an identifier for password resets, notifications, and administrative actions, this flaw can cause...
BIT-JOOMLA-2020-10240
An issue was discovered in Joomla! before 3.9.16. Missing length checks in the user table can lead to the creation of users with duplicate usernames and/or email addresses...
PYSEC-2024-172
Time-of-check Time-of-use TOCTOU Race Condition vulnerability in Apache StreamPipes in user self-registration.This allows an attacker to potentially request the creation of multiple accounts with the same email address until the email address is registered, creating many identical users and...
PT-2024-5227 · Apache · Apache Streampipes
Name of the Vulnerable Software and Affected Versions: Apache StreamPipes versions through 0.93.0 Description: A Time-of-check Time-of-use TOCTOU Race Condition issue exists in the user self-registration component of Apache StreamPipes. This allows an attacker to potentially create multiple...
PT-2020-11996 · Open Source Matters · Joomla!
Name of the Vulnerable Software and Affected Versions: Joomla! versions prior to 3.9.16 Description: An issue was discovered in Joomla! where missing length checks in the user table can lead to the creation of users with duplicate usernames and/or email addresses. Recommendations: For versions...