Lucene search
K

8 matches found

Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.7 views

PT-2026-7236

Name of the Vulnerable Software and Affected Versions Agentflow versions affected versions not specified Description Agentflow, developed by Flowring, exhibits an authentication bypass condition. Unauthenticated remote attackers can exploit a specific functionality to obtain arbitrary user...

9.8CVSS5.7AI score0.00507EPSS
Exploits0References11
CVE
CVE
added 2025/10/22 3:3 p.m.12 views

CVE-2025-62604

MeterSphere (open source continuous testing platform) contains a logic flaw prior to version 2.10.25-lts that allows retrieval of arbitrary user information. The underlying issue enables an unauthenticated attacker to log in as any user. A fix has been applied in version 2.10.25-lts. Practical im...

7.5CVSS6.7AI score0.00387EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2025/03/08 7:15 a.m.2 views

CVE-2024-11087

The miniOrange Social Login and Register Discord, Google, Twitter, LinkedIn Pro Addon plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 200.3.9. This is due to insufficient verification on the user being returned by the social login token. This make...

9.8CVSS5.8AI score
Exploits0References2
CNNVD
CNNVD
added 2022/11/09 12:0 a.m.3 views

Cisco Adaptive Security Appliance(ASA)Software和Cisco Firepower Threat Defense(FTD)Software 安全漏洞

Cisco Firepower Threat Defense FTD and Cisco Adaptive Security Appliance are both products of Cisco Corporation.Cisco Firepower Threat Defense is a suite of unified software that provides next-generation firewall services. Cisco Adaptive Security Appliance is a network appliance. It is used to...

5.8CVSS6AI score0.00683EPSS
Exploits0References5
VulnCheck KEV
VulnCheck KEV
added 2021/10/11 12:0 a.m.8 views

VulnCheck KEV: CVE-2021-24647

The Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.1.7.6 has a flaw in the social login implementation, allowing unauthenticated attacker to login as any user on the site by only knowing their user ID or userna...

8.1CVSS7.1AI score0.08377EPSS
Exploits3References1
OSV
OSV
added 2020/12/08 1:15 a.m.7 views

UBUNTU-CVE-2020-25629

A vulnerability was found in Moodle where users with "Log in as" capability in a course context typically, course managers may gain access to some site administration capabilities by "logging in as" a System manager. This affects 3.9 to 3.9.1, 3.8 to 3.8.4, 3.7 to 3.7.7, 3.5 to 3.5.13 and earlier...

8.8CVSS6.6AI score0.01304EPSS
Exploits0References3
CNVD
CNVD
added 2020/06/22 12:0 a.m.2 views

Mattermost Server Authorization Issues Vulnerability (CNVD-2020-41176)

Mattermost Server is the United States Mattermost company's set of open source messaging platform. A security vulnerability exists in Mattermost Server versions prior to 4.7.0, 4.6.2, and 4.5.2. The vulnerability can be exploited by an attacker to log in as any other user with the help of a...

8.8CVSS6.7AI score0.00929EPSS
Exploits0References1
OSV
OSV
added 2017/01/23 9:59 p.m.3 views

UBUNTU-CVE-2016-4340

The impersonate feature in Gitlab 8.7.0, 8.6.0 through 8.6.7, 8.5.0 through 8.5.11, 8.4.0 through 8.4.9, 8.3.0 through 8.3.8, and 8.2.0 through 8.2.4 allows remote authenticated users to "log in" as any other user via unspecified vectors...

8.8CVSS7.3AI score0.10143EPSS
Exploits5References3
Rows per page
Query Builder