Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2026/02/09 1:33 a.m.6 views

CVE-2026-25858

macrozheng mall version 1.0.3 and prior contains an authentication vulnerability in the mall-portal password reset workflow that allows an unauthenticated attacker to reset arbitrary user account passwords using only a victim’s telephone number. The password reset flow exposes the one-time passwo...

9.8CVSS5.7AI score0.00615EPSS
Exploits0References1
OSV
OSV
added 2026/02/07 9:45 p.m.4 views

CVE-2026-25858 macrozheng mall <= 1.0.3 Unauthenticated Password Reset via OTP Disclosure

macrozheng mall version 1.0.3 and prior contains an authentication vulnerability in the mall-portal password reset workflow that allows an unauthenticated attacker to reset arbitrary user account passwords using only a victim’s telephone number. The password reset flow exposes the one-time passwo...

9.3CVSS6.1AI score0.00615EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/02/07 12:0 a.m.10 views

PT-2026-6933

Name of the Vulnerable Software and Affected Versions macrozheng mall versions prior to 1.0.4 Description The software contains an authentication issue in the password reset process. An unauthenticated attacker can reset user account passwords using only a victim’s telephone number. The one-time...

9.3CVSS5.6AI score0.00615EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2025-24050

Malicious code in bioql PyPI...

6.9CVSS5.6AI score0.0053EPSS
Exploits1References5
OSV
OSV
added 2025/08/09 2:2 p.m.6 views

CVE-2025-8755 macrozheng mall com.macro.mall.portal.controller UmsMemberController.java detail authorization

A vulnerability was found in macrozheng mall up to 1.0.3 and classified as problematic. This issue affects the function detail of the file UmsMemberController.java of the component com.macro.mall.portal.controller. The manipulation of the argument orderId leads to authorization bypass. The attack...

6.9CVSS5.1AI score0.0053EPSS
Exploits1References7
CNVD
CNVD
added 2019/03/21 12:0 a.m.5 views

PHP Scripts Mall Entrepreneur Job Portal Script Directory Traversal Vulnerability

PHP Scripts Mall Entrepreneur Job Portal Script is a PHP script that allows you to create your own job portal. A directory traversal vulnerability exists in PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1, which can be exploited to achieve directory traversal by directly requesting an image...

6.5CVSS7.1AI score0.01637EPSS
Exploits1References1
Rows per page
Query Builder