10 matches found
EUVD-2023-37454
Malicious code in bioql PyPI...
CVE-2023-33291
In ebankIT 6, the public endpoints /public/token/Email/generate and /public/token/SMS/generate allow generation of OTP messages to any e-mail address or phone number without validation. It cannot be exploited with e-mail addresses or phone numbers that are registered in the application...
PT-2025-22562 · Schule · Schule
Name of the Vulnerable Software and Affected Versions: Schule versions prior to 1.0.1 Description: The issue concerns the generateOTP function, which generates a 4-digit numeric One-Time Password OTP with a limited range of 9000 possible combinations. This small keyspace makes the OTP highly...
CVE-2024-11178
CVE-2024-11178 affects the WordPress Login With OTP plugin. Versions
CVE-2023-33291
In ebankIT 6, the public endpoints /public/token/Email/generate and /public/token/SMS/generate allow generation of OTP messages to any e-mail address or phone number without validation. It cannot be exploited with e-mail addresses or phone numbers that are registered in the application...
CVE-2023-33291
In ebankIT 6, the public endpoints /public/token/Email/generate and /public/token/SMS/generate allow generation of OTP messages to any e-mail address or phone number without validation. It cannot be exploited with e-mail addresses or phone numbers that are registered in the application...
Design/Logic Flaw
In ebankIT 6, the public endpoints /public/token/Email/generate and /public/token/SMS/generate allow generation of OTP messages to any e-mail address or phone number without validation. It cannot be exploited with e-mail addresses or phone numbers that are registered in the application...
CVE-2023-33291
In ebankIT 6, the public endpoints /public/token/Email/generate and /public/token/SMS/generate allow generation of OTP messages to any e-mail address or phone number without validation. It cannot be exploited with e-mail addresses or phone numbers that are registered in the application...
CVE-2023-33291
In ebankIT 6, the public endpoints /public/token/Email/generate and /public/token/SMS/generate allow generation of OTP messages to any e-mail address or phone number without validation. It cannot be exploited with e-mail addresses or phone numbers that are registered in the application...
eBankIT 6 Arbitrary OTP Generation
CVE-2023-33291 Description In eBankIT 6, the public endpoints /public/token/Email/generate and /public/token/SMS/generate allow generation of OTP messages to any email address or phone number without validation. ------------------------------------------ Additional Information The cookies in the...