Lucene search
K

4 matches found

EUVD
EUVD
added 2026/05/28 2:13 p.m.12 views

EUVD-2026-32905

phpMyFAQ before 4.1.3 contains an unauthenticated password reset vulnerability in the user password update API endpoint that allows attackers to change account passwords without token validation. Attackers can enumerate valid username and email pairs and force immediate password changes by sendin...

8.8CVSS5.8AI score0.00241EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/28 2:13 p.m.10 views

CVE-2026-35676 phpMyFAQ - Unauthenticated Password Reset via User Password Update Endpoint

phpMyFAQ before 4.1.3 contains an unauthenticated password reset vulnerability in the user password update API endpoint that allows attackers to change account passwords without token validation. Attackers can enumerate valid username and email pairs and force immediate password changes by sendin...

8.8CVSS5.8AI score0.00241EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/28 2:13 p.m.7 views

CVE-2026-35676

phpMyFAQ before 4.1.3 contains an unauthenticated password reset vulnerability in the user password update API endpoint that allows attackers to change account passwords without token validation. Attackers can enumerate valid username and email pairs and force immediate password changes by sendin...

8.8CVSS5.8AI score0.00241EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/03/18 12:0 a.m.11 views

PT-2024-21308 · Fujian Kelixin · Fujian Kelixin Communication Command/Dispatch Platform

Name of the Vulnerable Software and Affected Versions: Fujian Kelixin Communication Command and Dispatch Platform versions up to 20240318 Description: A critical issue affects some unknown functionality of the file api/client/user/pwd update.php. The manipulation of the uuid argument leads to SQL...

9.8CVSS7.2AI score0.0194EPSS
Exploits0References7
Rows per page
Query Builder