EUVD-2024-39819
Malicious code in bioql PyPI...
CVE-2024-46452
A Host Header injection vulnerability in the password reset function of VigyBag Open Source Online Shop commit 3f0e21b allows attackers to redirect victim users to a malicious site via a crafted URL...
PT-2025-24540 · Unknown · VigyBag Open Source Online Shop
Name of the Vulnerable Software and Affected Versions: VigyBag Open Source Online Shop (affected versions not specified)
Description: A Host Header injection issue in the password reset function allows attackers to redirect victim users to a malicious site via a crafted URL.
Recommendations: At the...
CVE-2024-22646
An email address enumeration vulnerability exists in the password reset function of SEO Panel version 4.10.0. This allows an attacker to guess which emails exist on the system...
CVE-2024-29417
Insecure Permissions vulnerability in e-trust Horacius 1.0, 1.1, and 1.2 allows a local attacker to escalate privileges via the password reset function...
PT-2024-19519 · SEO Panel · SEO Panel
Name of the Vulnerable Software and Affected Versions: SEO Panel version 4.10.0
Description: An email address enumeration issue exists in the password reset function. This allows an attacker to guess which emails exist on the system.
Recommendations: For SEO Panel version 4.10.0, consider disabli...
ECShop password recovery function has a security risk
Brief description: A user's password can potentially be reset at any time. Details: user.php line 740 / Change member password / elseif $action == 'acteditpassword' includeonceROOTPATH . 'includes/libpassport.php'; $oldpassword = isset$POST'oldpassword' ? trim$POST'oldpassword' : null; $newpassword = isset$POST'newpassword' ? trim$POST'newpassword' : ''; $userid =...
Research: Password 'secret question' woefully insecure
In research to be presented at the IEEE Symposium on Security and Privacy (virginia.edu) this week, researchers from Microsoft and Carnegie Mellon University plan to show that the secret questions used to secure the password-reset functions of a variety of websites are woefully insecure. In a study...