3 matches found
CVE-2013-2315
data/class/pages/forgot/LCPageForgot.php in LOCKON EC-CUBE 2.11.0 through 2.12.3enP2 does not properly validate the input to the password reminder function, which allows remote attackers to obtain sensitive information via a crafted request...
PT-2023-32348 · Unknown · Sourcecodester Task Reminder System
Name of the Vulnerable Software and Affected Versions: SourceCodester Task Reminder System version 1.0 Description: A critical issue has been found, affecting an unknown part of the file /classes/Master.php?f=save reminder. The manipulation of the id argument leads to SQL injection. This issue ca...
CVE-2017-16804
In Redmine before 3.2.7 and 3.3.x before 3.3.4, the reminders function in app/models/mailer.rb does not check whether an issue is visible, which allows remote authenticated users to obtain sensitive information by reading e-mail reminder messages...