EUVD-2026-6121

A vulnerability was identified in vichan-devel vichan up to 5.1.5. This vulnerability affects unknown code of the file inc/mod/pages.php of the component Password Change Handler. The manipulation of the argument Password leads to unverified password change. The attack can be initiated remotely. T...

PT-2026-8317

A vulnerability was identified in vichan-devel vichan up to 5.1.5. This vulnerability affects unknown code of the file inc/mod/pages.php of the component Password Change Handler. The manipulation of the argument Password leads to unverified password change. The attack can be initiated remotely. T...

EUVD-2023-44396

Malicious code in bioql PyPI...

EUVD-2025-16626

Malicious code in bioql PyPI...

EUVD-2025-12436

Malicious code in bioql PyPI...

CVE-2025-5437

The CVE-2025-5437 vulnerability affects Multilaser Sirius RE016 MLT1.0 in the Password Change Handler component, specifically the file /cgi-bin/cstecgi.cgi. The issue arises from manipulation of an unknown function, causing improper authentication. It can be exploited remotely and exploits have b...

PT-2025-23481 · Multilaser · Multilaser Sirius Re016 Mlt1.0

Name of the Vulnerable Software and Affected Versions: Multilaser Sirius RE016 MLT1.0 Description: A critical issue has been found in the Password Change Handler component, specifically in the /cgi-bin/cstecgi.cgi file. The manipulation of an unknown function leads to improper authentication,...

CVE-2024-7161

A vulnerability classified as problematic was found in SeaCMS 13.0. Affected by this vulnerability is an unknown functionality of the file /member.php?action=chgpwdsubmit of the component Password Change Handler. The manipulation of the argument newpwd/newpwd2 leads to cross-site request forgery...

CVE-2023-3761

A vulnerability was found in Intergard SGS 8.7.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Password Change Handler. The manipulation leads to cleartext transmission of sensitive information. The attack may be launched remotely. The...

CVE-2025-3979

A vulnerability classified as problematic has been found in dazhouda lecms 3.0.3. This affects an unknown part of the file /index.php?my-password-ajax-1 of the component Password Change Handler. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely...

CVE-2025-3979 dazhouda lecms Password Change index.php cross-site request forgery

A vulnerability classified as problematic has been found in dazhouda lecms 3.0.3. This affects an unknown part of the file /index.php?my-password-ajax-1 of the component Password Change Handler. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely...

PT-2025-18007 · Unknown · Dazhouda Lecms

Name of the Vulnerable Software and Affected Versions: dazhouda lecms version 3.0.3 Description: A problematic issue has been found in the Password Change Handler component, affecting the /index.php?my-password-ajax-1 file. This leads to cross-site request forgery and can be initiated remotely. T...

CVE-2024-7226

A vulnerability was found in SourceCodester Medicine Tracker System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /classes/Users.php?f=saveuser of the component Password Change Handler. The manipulation leads to cross-site request forgery. The attac...

CVE-2024-7226

CVE-2024-7226 refers to a cross-site request forgery in SourceCodester Medicine Tracker System 1.0, affecting the code path /classes/Users.php?f=save_user within the Password Change Handler. The vulnerability is triggered remotely and can be exploited after a user visit, with the exploit reported...

CVE-2024-7226 SourceCodester Medicine Tracker System Password Change cross-site request forgery

A vulnerability was found in SourceCodester Medicine Tracker System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /classes/Users.php?f=saveuser of the component Password Change Handler. The manipulation leads to cross-site request forgery. The attac...

CVE-2024-7161

A vulnerability classified as problematic was found in SeaCMS 13.0. Affected by this vulnerability is an unknown functionality of the file /member.php?action=chgpwdsubmit of the component Password Change Handler. The manipulation of the argument newpwd/newpwd2 leads to cross-site request forgery...

CVE-2024-7161

A vulnerability classified as problematic was found in SeaCMS 13.0. Affected by this vulnerability is an unknown functionality of the file /member.php?action=chgpwdsubmit of the component Password Change Handler. The manipulation of the argument newpwd/newpwd2 leads to cross-site request forgery...

CVE-2024-2483 Surya2Developer Hostel Management Service Password Change change-password.php cross-site request forgery

A vulnerability, which was classified as problematic, has been found in Surya2Developer Hostel Management Service 1.0. This issue affects some unknown processing of the file /change-password.php of the component Password Change Handler. The manipulation of the argument oldpassword leads to...

PT-2024-20596 · Unknown · Surya2Developer Hostel Management Service

Name of the Vulnerable Software and Affected Versions: Surya2Developer Hostel Management Service version 1.0 Description: A problematic issue has been found in the Password Change Handler component, specifically affecting the /change-password.php file. The manipulation of the oldpassword argument...

CVE-2023-3761

A vulnerability was found in Intergard SGS 8.7.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Password Change Handler. The manipulation leads to cleartext transmission of sensitive information. The attack may be launched remotely. The...