18 matches found
CVE-2015-10071 gitter-badger ezpublish-modern-legacy forgotpassword.php password recovery
A vulnerability was found in gitter-badger ezpublish-modern-legacy. It has been rated as problematic. This issue affects some unknown processing of the file kernel/user/forgotpassword.php. The manipulation leads to weak password recovery. The complexity of an attack is rather high. The exploitati...
CVE-2015-10071
CVE-2015-10071 affects gitter-badger ezpublish-modern-legacy. The vulnerability involves the file kernel/user/forgotpassword.php, causing weak password recovery due to a flawed handling. Exploitation is described as difficult with high complexity and requires no user interaction; attack vector is...
eZ Publish Modern Legacy Authorization Issue Vulnerability
eZ Publish Modern Legacy is an older version of eZ Publish's project files for gitter-badger individual developers. An authorization issue vulnerability exists in eZ Publish Modern Legacy, which stems from a vulnerability found in gitter-badger ezpublish-modern-legacy that affects some unknown...
GHSA-WM7G-RMGG-9837 GeniXCMS Arbitrary User Password Reset Vulnerability
forgotpassword.php in GeniXCMS lacks a rate limit, which might allow remote attackers to cause a denial of service (login inability) or possibly conduct Arbitrary User Password Reset attacks via a series of requests...
GeniXCMS Arbitrary User Password Reset Vulnerability
forgotpassword.php in GeniXCMS lacks a rate limit, which might allow remote attackers to cause a denial of service (login inability) or possibly conduct Arbitrary User Password Reset attacks via a series of requests...
pdewebinars.org XSS vulnerability
Open Bug Bounty ID: OBB-577591 Description| Value ---|--- Affected Website:| pdewebinars.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
traderalerter.com XSS vulnerability
Open Bug Bounty ID: OBB-577249 Description| Value ---|--- Affected Website:| traderalerter.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
alchemy.net XSS vulnerability
Open Bug Bounty ID: OBB-577241 Description| Value ---|--- Affected Website:| alchemy.net Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
vmshl.com XSS vulnerability
Open Bug Bounty ID: OBB-577237 Description| Value ---|--- Affected Website:| vmshl.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
rymm.com XSS vulnerability
Open Bug Bounty ID: OBB-576991 Description| Value ---|--- Affected Website:| rymm.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Default credentials
forgotpassword.php in GeniXCMS 1.0.2 lacks a rate limit, which might allow remote attackers to cause a denial of service (login inability) or possibly conduct Arbitrary User Password Reset attacks via a series of requests...
CVE-2017-8827
forgotpassword.php in GeniXCMS 1.0.2 lacks a rate limit, which might allow remote attackers to cause a denial of service (login inability) or possibly conduct Arbitrary User Password Reset attacks via a series of requests...
CVE-2017-8827
CVE-2017-8827 affects GeniXCMS 1.0.2: the forgotpassword.php endpoint lacks rate limiting, enabling a remote attacker to cause login denial of service or potentially perform arbitrary user password reset attacks via repeated requests. The available connected documents corroborate the same descrip...
CVE-2017-8827
forgotpassword.php in GeniXCMS 1.0.2 lacks a rate limit, which might allow remote attackers to cause a denial of service (login inability) or possibly conduct Arbitrary User Password Reset attacks via a series of requests...
Default credentials
modules/Users/ForgotPassword.php in vTiger 6.0 before Security Patch 2 allows remote attackers to reset the password for arbitrary users via a request containing the username, password, and confirmPassword parameters...
CVE-2014-2269
modules/Users/ForgotPassword.php in vTiger 6.0 before Security Patch 2 allows remote attackers to reset the password for arbitrary users via a request containing the username, password, and confirmPassword parameters...
MicroWorld eScan Antivirus Remote Root Command Execution
!/usr/bin/env python import sys from socket import auther: Mohammed almutairi """ MicroWorld eScan Antivirus 1 if $POST'forgot' == "Send Password" $user = $POST"uname"; 2 insecure: vulnerable code in forgotpassword.php and commonfunctions.php in 1 $runasroot =...
MicroWorld eScan Antivirus < 3.x Remote Root Command Execution
Exploit for unknown platform in category remote exploits ============================================================== MicroWorld eScan Antivirus 1 if $POST'forgot' == "Send Password" $user = $POST"uname"; 2 insecure: vulnerable code in forgotpassword.php and commonfunctions.php in 1 $runasroot ...