Lucene search
K

22 matches found

NVD
NVD
added 2026/06/28 1:16 p.m.8 views

CVE-2026-13498

A vulnerability was identified in yashpokharna2555 restaurent-management-system. This affects an unknown function of the file /forgotpassword.php of the component POST Parameter Handler. Such manipulation of the argument email leads to sql injection. The attack can be launched remotely. The explo...

7.5CVSS0.00269EPSS
Exploits0References6
CVE
CVE
added 2026/06/28 1:0 p.m.29 views

CVE-2026-13498

The CVE concerns yashpokharna2555 restaurant-management-system. It identifies a vulnerability in an unknown function within /forgotpassword.php (POST Parameter Handler) where manipulating the email parameter leads to SQL injection. The issue can be exploited remotely and publicly available exploi...

7.5CVSS6.9AI score0.00269EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/28 1:0 p.m.39 views

CVE-2026-13498 yashpokharna2555 restaurent-management-system POST Parameter forgotpassword.php sql injection

A vulnerability was identified in yashpokharna2555 restaurent-management-system. This affects an unknown function of the file /forgotpassword.php of the component POST Parameter Handler. Such manipulation of the argument email leads to sql injection. The attack can be launched remotely. The explo...

7.5CVSS0.00269EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/28 12:0 a.m.15 views

PT-2026-53109

Name of the Vulnerable Software and Affected Versions yashpokharna2555 restaurent-management-system affected versions not specified Description An issue exists in the POST Parameter Handler component within the /forgotpassword.php file. Remote manipulation of the email parameter allows for SQL...

7.5CVSS7.1AI score0.00269EPSS
Exploits0References12
Cvelist
Cvelist
added 2023/01/19 9:22 a.m.25 views

CVE-2015-10071 gitter-badger ezpublish-modern-legacy forgotpassword.php password recovery

A vulnerability was found in gitter-badger ezpublish-modern-legacy. It has been rated as problematic. This issue affects some unknown processing of the file kernel/user/forgotpassword.php. The manipulation leads to weak password recovery. The complexity of an attack is rather high. The exploitati...

2.6CVSS7.7AI score0.00591EPSS
Exploits0References4
CVE
CVE
added 2023/01/19 9:22 a.m.42 views

CVE-2015-10071

CVE-2015-10071 affects gitter-badger ezpublish-modern-legacy. The vulnerability involves the file kernel/user/forgotpassword.php, causing weak password recovery due to a flawed handling. Exploitation is described as difficult with high complexity and requires no user interaction; attack vector is...

7.5CVSS5.7AI score0.00591EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2023/01/19 12:0 a.m.4 views

eZ Publish Modern Legacy 授权问题漏洞

eZ Publish Modern Legacy is an older version of eZ Publish's project files for gitter-badger individual developers. An authorization issue vulnerability exists in eZ Publish Modern Legacy, which stems from a vulnerability found in gitter-badger ezpublish-modern-legacy that affects some unknown...

7.5CVSS5.3AI score0.00591EPSS
Exploits0References5
OSV
OSV
added 2022/05/17 2:46 a.m.16 views

GHSA-WM7G-RMGG-9837 GeniXCMS Arbitrary User Password Reset Vulnerability

forgotpassword.php in GeniXCMS lacks a rate limit, which might allow remote attackers to cause a denial of service login inability or possibly conduct Arbitrary User Password Reset attacks via a series of requests...

9.1CVSS9.2AI score0.01618EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/05/17 2:46 a.m.22 views

GeniXCMS Arbitrary User Password Reset Vulnerability

forgotpassword.php in GeniXCMS lacks a rate limit, which might allow remote attackers to cause a denial of service login inability or possibly conduct Arbitrary User Password Reset attacks via a series of requests...

9.1CVSS7.3AI score0.01618EPSS
Exploits0References4Affected Software1
Openbugbounty
Openbugbounty
added 2018/03/10 2:53 a.m.17 views

pdewebinars.org XSS vulnerability

Open Bug Bounty ID: OBB-577591 Description| Value ---|--- Affected Website:| pdewebinars.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/03/09 11:52 a.m.8 views

traderalerter.com XSS vulnerability

Open Bug Bounty ID: OBB-577249 Description| Value ---|--- Affected Website:| traderalerter.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/03/09 11:49 a.m.11 views

alchemy.net XSS vulnerability

Open Bug Bounty ID: OBB-577241 Description| Value ---|--- Affected Website:| alchemy.net Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/03/09 11:42 a.m.10 views

vmshl.com XSS vulnerability

Open Bug Bounty ID: OBB-577237 Description| Value ---|--- Affected Website:| vmshl.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/03/09 10:1 a.m.15 views

rymm.com XSS vulnerability

Open Bug Bounty ID: OBB-576991 Description| Value ---|--- Affected Website:| rymm.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.2AI score
Exploits0
Prion
Prion
added 2017/05/08 6:29 a.m.14 views

Default credentials

forgotpassword.php in GeniXCMS 1.0.2 lacks a rate limit, which might allow remote attackers to cause a denial of service login inability or possibly conduct Arbitrary User Password Reset attacks via a series of requests...

6.4CVSS9AI score0.01618EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2017/05/08 6:29 a.m.20 views

CVE-2017-8827

forgotpassword.php in GeniXCMS 1.0.2 lacks a rate limit, which might allow remote attackers to cause a denial of service login inability or possibly conduct Arbitrary User Password Reset attacks via a series of requests...

9.1CVSS7.3AI score
Exploits0References1
Cvelist
Cvelist
added 2017/05/08 6:10 a.m.16 views

CVE-2017-8827

forgotpassword.php in GeniXCMS 1.0.2 lacks a rate limit, which might allow remote attackers to cause a denial of service login inability or possibly conduct Arbitrary User Password Reset attacks via a series of requests...

9.2AI score0.01618EPSS
Exploits0References1
CVE
CVE
added 2017/05/08 6:10 a.m.52 views

CVE-2017-8827

CVE-2017-8827 affects GeniXCMS 1.0.2: the forgotpassword.php endpoint lacks rate limiting, enabling a remote attacker to cause login denial of service or potentially perform arbitrary user password reset attacks via repeated requests. The available connected documents corroborate the same descrip...

9.1CVSS9.1AI score0.01618EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2014/04/22 1:6 p.m.19 views

Default credentials

modules/Users/ForgotPassword.php in vTiger 6.0 before Security Patch 2 allows remote attackers to reset the password for arbitrary users via a request containing the username, password, and confirmPassword parameters...

6.4CVSS7.3AI score0.15782EPSS
Exploits7References2Affected Software1
Cvelist
Cvelist
added 2014/04/21 2:0 p.m.22 views

CVE-2014-2269

modules/Users/ForgotPassword.php in vTiger 6.0 before Security Patch 2 allows remote attackers to reset the password for arbitrary users via a request containing the username, password, and confirmPassword parameters...

6.8AI score0.15782EPSS
Exploits7References2
Rows per page
Query Builder