Lucene search
K

4 matches found

CVE
CVE
added 2024/12/12 1:52 p.m.54 views

CVE-2024-28143

The CVE-2024-28143 issue affects Image Access Scan2Net software (Image Access Germany) via the password-change function at /cgi/admin.cgi, where the current/old password is not required. This enables an attacker to set a new password for a user without knowing the old one, potentially via CSRF. T...

8.4CVSS6.7AI score0.00267EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/04/14 12:0 a.m.6 views

DirectCyber Evolution Controller 安全漏洞

DirectCyber Evolution Controller is an access control controller software from DirectCyber, Inc. that is used to controller physical access to facilities. A security vulnerability exists in DirectCyber Evolution Controller version 2.x and prior versions that stems from default credentials on the...

9.8CVSS6.3AI score0.00625EPSS
Exploits0References3
OSV
OSV
added 2020/02/24 3:15 p.m.4 views

CVE-2019-20481

In MIELE XGW 3000 ZigBee Gateway before 2.4.0, the Password Change Function does not require knowledge of the old password. This can be exploited in conjunction with CVE-2019-20480...

9.8CVSS6AI score0.00587EPSS
Exploits0References1
Hacker One
Hacker One
added 2017/09/14 3:5 a.m.6 views

Hiro: No Confirmation Email For Email Change

https://forum.blockstack.org/u/username/preferences/email Hello, it looks like there is a security flaw in this part. While changing email address from email1 to email2. A Confirmation email is sent to email2 not to email1 which is the main account. This can lead to account lost if someone has us...

6.8AI score
Exploits0
Rows per page
Query Builder