CVE-2016-20030

ZKTeco ZKBioSecurity 3.0 contains a user enumeration vulnerability that allows unauthenticated attackers to discover valid usernames by submitting partial characters via the username parameter. Attackers can send requests to the authLoginAction!login.do script with varying username inputs to...

CVE-2016-20030

ZKTeco ZKBioSecurity 3.0 contains a user enumeration vulnerability that allows unauthenticated attackers to discover valid usernames by submitting partial characters via the username parameter. Attackers can send requests to the authLoginAction!login.do script with varying username inputs to...

CVE-2016-20030 ZKTeco ZKBioSecurity 3.0 User Enumeration via authLoginAction

ZKTeco ZKBioSecurity 3.0 contains a user enumeration vulnerability that allows unauthenticated attackers to discover valid usernames by submitting partial characters via the username parameter. Attackers can send requests to the authLoginAction!login.do script with varying username inputs to...

EUVD-2025-205817

Discourse is an open source discussion platform. Prior to versions 3.5.3, 2025.11.1, and 2025.12.0, an attacker who knows part of a username can find the user and their full name via UI or API, even when enablenames is disabled. Versions 3.5.3, 2025.11.1, and 2025.12.0 contain a fix...

PT-2025-54189

Discourse is an open source discussion platform. Prior to versions 3.5.3, 2025.11.1, and 2025.12.0, an attacker who knows part of a username can find the user and their full name via UI or API, even when enable names is disabled. Versions 3.5.3, 2025.11.1, and 2025.12.0 contain a fix...

Mozilla Firefox Address Bar Spoofing Vulnerability

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. An address bar spoofing vulnerability exists in Reader mode in versions of Mozilla Firefox prior to 54, which originates from displaying partial usernames and passwords in URLs. A remote attack...