11 matches found
EUVD-2025-16545
Malicious code in bioql PyPI...
EUVD-2025-22654
Malicious code in bioql PyPI...
CVE-2025-45777
An issue in the OTP mechanism of Chavara Family Welfare Centre Chavara Matrimony Site v2.0 allows attackers to bypass authentication via supplying a crafted request...
CVE-2025-45777
An issue in the OTP mechanism of Chavara Family Welfare Centre Chavara Matrimony Site v2.0 allows attackers to bypass authentication via supplying a crafted request...
CVE-2025-45777
An issue in the OTP mechanism of Chavara Family Welfare Centre Chavara Matrimony Site v2.0 allows attackers to bypass authentication via supplying a crafted request...
CVE-2025-45777
An issue in the OTP mechanism of Chavara Family Welfare Centre Chavara Matrimony Site v2.0 allows attackers to bypass authentication via supplying a crafted request...
CVE-2025-45777
CVE-2025-45777 affects the Chavara Matrimony Site (Chavara Family Welfare Centre) v2.0. The issue resides in the site’s OTP authentication mechanism, where a crafted request can bypass authentication. The available connected documents confirm the affected product (Chavara Matrimony Site version 2...
CVE-2025-45777
An issue in the OTP mechanism of Chavara Family Welfare Centre Chavara Matrimony Site v2.0 allows attackers to bypass authentication via supplying a crafted request...
PT-2025-30836 · Unknown · Chavara Matrimony Site
Name of the Vulnerable Software and Affected Versions: Chavara Matrimony Site version 2.0 Description: An issue exists in the OTP mechanism that allows attackers to bypass authentication by submitting a crafted request. Recommendations: At the moment, there is no information about a newer version...
CVE-2025-4607
CVE-2025-4607 concerns the PSW Front-end Login & Registration plugin for WordPress (versions up to and including 1.12). The vulnerability arises from a weak, low-entropy OTP mechanism in the forget() function, enabling unauthenticated attackers to initiate a password reset for any user (including...
Ukrainian Banking App Vulnerable to Attack
Privat24, the mobile banking application for Ukraine’s largest commercial bank, contains an insufficient validation vulnerability in its iOS, Android, and Windows phone apps that could give an attacker the ability to steal money from user accounts after bypassing its two-factor authentication...