3 matches found
CVE-2026-7144 1000 Projects Portfolio Management System MCA update_passwd_process.php authorization
A security flaw has been discovered in 1000 Projects Portfolio Management System MCA 1.0. This impacts an unknown function of the file updatepasswdprocess.php. The manipulation of the argument tempuser results in authorization bypass. The attack can be launched remotely. The exploit has been...
PT-2026-35499
A security flaw has been discovered in 1000 Projects Portfolio Management System MCA 1.0. This impacts an unknown function of the file update passwd process.php. The manipulation of the argument temp user results in authorization bypass. The attack can be launched remotely. The exploit has been...
jshERP 授权问题漏洞
jshERP Huaxia ERP is a homegrown ERP system by the individual developer of China's Ji Sheng Hua. An authorization issue vulnerability exists in jshERP 3.5 and earlier versions, which stems from a weak password recovery due to incorrect operation of the file /jshERP-boot/user/updatePwd...