9 matches found
CVE-2023-49032
An issue in LTB Self Service Password before v.1.5.4 allows a remote attacker to execute arbitrary code and obtain sensitive information via hijack of the SMS verification code function to arbitrary phone...
CVE-2018-12421
LTB aka LDAP Tool Box Self Service Password before 1.3 allows a change to a user password without knowing the old password via a crafted POST request, because the ldapbind return value is mishandled and the PHP data type is not constrained to be a string...
EUVD-2023-53056
Malicious code in bioql PyPI...
MAL-2025-22368 Malicious code in hello_ltb (npm)
The package helloltb was found to contain malicious code...
CVE-2023-49032
An issue in LTB Self Service Password before v.1.5.4 allows a remote attacker to execute arbitrary code and obtain sensitive information via hijack of the SMS verification code function to arbitrary phone...
CVE-2023-49032
An issue in LTB Self Service Password before v.1.5.4 allows a remote attacker to execute arbitrary code and obtain sensitive information via hijack of the SMS verification code function to arbitrary phone...
CVE-2023-49032
An issue in LTB Self Service Password before v.1.5.4 allows a remote attacker to execute arbitrary code and obtain sensitive information via hijack of the SMS verification code function to arbitrary phone...
CVE-2023-49032
CVE-2023-49032 affects LTB Self Service Password prior to v1.5.4. The issue allows a remote attacker to execute arbitrary code and obtain sensitive information by hijacking the SMS verification code function to an arbitrary phone. Affected software is LTB Self Service Password (versions before 1....
CVE-2018-12421
LTB Self Service Password prior to 1.3 has a vulnerability: a crafted POST can change a user’s password without the old one because ldap_bind return value handling and PHP typing are mishandled. Affected product: LTB Self Service Password. CVSS3 base score 9.8 (CRITICAL) with impact to confidenti...