Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Tenable Nessus
Tenable Nessusadded 2024/11/05 12:0 a.m.4 views

Mastodon 4.1.x < 4.1.14 Multiples Vulnerabilities

According to its self-reported version number, the Mastodon application running on the remote host is prior to 3.5.18 or 4.0.x prior to 4.0.14 or 4.1.x prior to 4.1.14 or 4.2.x prior to 4.2.6. It is, therefore, affected by multiples vulnerabilities : - Destroying OAuth Applications doesn't notify...

7.4CVSS7.5AI score0.0038EPSS
Exploits1References4
Cvelist
Cvelistadded 2024/02/14 8:45 p.m.18 views

CVE-2024-25618 External OpenID Connect Account Takeover by E-Mail Change in mastodon

Mastodon is a free, open-source social network server based on ActivityPub. Mastodon allows new identities from configured authentication providers CAS, SAML, OIDC to attach to existing local users with the same e-mail address. This results in a possible account takeover if the authentication...

4.2CVSS4.7AI score0.0038EPSS
Exploits1References2
Hacker One
Hacker Oneadded 2020/08/12 11:38 a.m.14 views

Mail.ru: Возможность изменить поле "E-Mail для доступа в личный кабинет" у другого пользователя [corporate.city-mobil.ru]

It was possible to change e-mail address of the user via corporate.city-mobil.ru. An award for this report was distributed evenly between 956791 and 971422. Report 956791 demonstrated the vector for corporate.city-mobil.ru, 971422 demonstrated this vulnerability may have higher impact besides the...

1.6AI score
Exploits0
seebug.org
seebug.orgadded 2011/08/29 12:0 a.m.25 views

cPanel &lt; 11.30.2 Multiple CSRF Vulnerabilities

No description provided by source. + Info================================================================= - Exploit Title: cPanel 11.30.2 Multiple CSRF Vulnerabilities - Author: Net.Edit0r - Home : Black-HG.Org h4ckcity.org - Version: 11.30.2 - Software Link: http://cpanel.net - Email :...

7.1AI score
Exploits0
NVD
NVDadded 2011/08/09 7:55 p.m.19 views

CVE-2011-2978

Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 does not prevent changes to the confirmation e-mail address aka oldemail field for e-mail change notifications, which makes it easier for remote...

5CVSS6.7AI score0.00651EPSS
Exploits1References7
CVE
CVEadded 2011/08/09 7:0 p.m.57 views

CVE-2011-2978

Bugzilla CVE-2011-2978: The vulnerability arises because Bugzilla does not prevent changes to the confirmation email address (old_email) when a user initiates an email change, allowing an attacker with access to another user’s session (e.g., an unattended workstation) to redirect the change notif...

5CVSS6.6AI score0.00651EPSS
Exploits1References7Affected Software1
0day.today
0day.todayadded 2011/07/04 12:0 a.m.51 views

VietNext CMS Multiple Vulnerabilities

Exploit for php platform in category web applications + Exploit Title:Multiple Vulnerabilities + Date: 2011 + script:VietNext cms + Software: http://vietnextco.com & http://vietnext.vn + Author : pentesters.ir + Website : WwW.PenTesters.IR + dorks :"Developed & Design By VietNext" and "Design by...

7.1AI score
Exploits0
Rows per page
Query Builder