5 matches found
CVE-2026-26744
A user enumeration vulnerability exists in FormaLMS 4.1.18 and below in the password recovery functionality accessible via the /lostpwd endpoint. The application returns different error messages for valid and invalid usernames allowing an unauthenticated attacker to determine which usernames are...
CVE-2026-26744
A user enumeration vulnerability exists in FormaLMS 4.1.18 and below in the password recovery functionality accessible via the /lostpwd endpoint. The application returns different error messages for valid and invalid usernames allowing an unauthenticated attacker to determine which usernames are...
CVE-2026-26744
A user enumeration vulnerability exists in FormaLMS 4.1.18 and below in the password recovery functionality accessible via the /lostpwd endpoint. The application returns different error messages for valid and invalid usernames allowing an unauthenticated attacker to determine which usernames are...
CVE-2023-53943 GLPI 9.5.7 Username Enumeration Vulnerability via Lost Password Endpoint
GLPI 9.5.7 contains a username enumeration vulnerability in the lost password recovery mechanism that allows attackers to validate email addresses. Attackers can systematically test email addresses by submitting requests to the password reset endpoint and analyzing response differences to identif...
studenten-wohnung.de XSS vulnerability
Vulnerable URL: http://www.studenten-wohnung.de/lostpassword.php Details: Description| Value ---|--- Patched:| No Latest check for patch:| 09.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 684328 VIP website status:| No Coordinated Disclosure Timeline:...