6 matches found
CVE-2026-45248
Hedera Guardian through 3.5.1 contains an authentication bypass vulnerability in the GET /api/v1/demo/registered-users endpoint that allows unauthenticated attackers to retrieve sensitive user information. Attackers can access the endpoint without providing authentication credentials to obtain...
EUVD-2026-30494
Hedera Guardian through 3.5.1 contains an authentication bypass vulnerability in the GET /api/v1/demo/registered-users endpoint that allows unauthenticated attackers to retrieve sensitive user information. Attackers can access the endpoint without providing authentication credentials to obtain...
CVE-2026-45248
Hedera Guardian through 3.5.1 contains an authentication bypass vulnerability in the GET /api/v1/demo/registered-users endpoint that allows unauthenticated attackers to retrieve sensitive user information. Attackers can access the endpoint without providing authentication credentials to obtain...
CVE-2026-45248 Hedera Guardian Authentication Bypass Information Disclosure
Hedera Guardian through 3.5.1 contains an authentication bypass vulnerability in the GET /api/v1/demo/registered-users endpoint that allows unauthenticated attackers to retrieve sensitive user information. Attackers can access the endpoint without providing authentication credentials to obtain...
PT-2026-41130
Name of the Vulnerable Software and Affected Versions Hedera Guardian versions prior to 3.5.2 Description An authentication bypass exists in the 'GET /api/v1/demo/registered-users' endpoint. This allows unauthenticated attackers to retrieve sensitive user information, including usernames, Hedera...
PT-2024-34489 ยท Unknown ยท Phpgurukul User Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul User Management System version 1.0 Description: A Cross Site Scripting XSS issue was found in the "/ums-sp/admin/registered-users.php" endpoint, allowing remote attackers to execute arbitrary code via the fname POST request...