7 matches found
EUVD-2010-4694
Malware in sbrugna...
CVE-2020-1772 Information Disclosure
It's possible to craft Lost Password requests with wildcards in the Token value, which allows attacker to retrieve valid Tokens, generated by users which already requested new passwords. This issue affects: OTRS Community Edition 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15...
CVE-2019-18418
clonos.php in ClonOS WEB control panel 19.09 allows remote attackers to gain full access via change password requests because there is no session management...
Default credentials
clonos.php in ClonOS WEB control panel 19.09 allows remote attackers to gain full access via change password requests because there is no session management...
CVE-2019-18418
CVE-2019-18418 affects ClonOS WEB control panel version 19.09. The issue is in clonos.php where there is no session management, enabling remote attackers to gain full access by sending password-change requests. Multiple sources (NVD/NVD mirrors and security advisories) describe an authentication/...
Evernote hacked, reset your password Now !
Cloud note-taking service Evernote has been hacked and now you have to reset your password imminently. According to a post on the official Evernote blog, an unidentified attacker compromise the servers and extracted usernames, email addresses, and passwords. "Evernote’s Operations & Security team...
DEBIAN-CVE-2009-2336
The forgotten mail interface in WordPress and WordPress MU before 2.8.1 exhibits different behavior for a password request depending on whether the user account exists, which allows remote attackers to enumerate valid usernames. NOTE: the vendor reportedly disputes the significance of this issue,...