3 matches found
CVE-2026-1670 Honeywell CCTV Products Missing Authentication for Critical Function
The affected products are vulnerable to an unauthenticated API endpoint exposure, which may allow an attacker to remotely change the "forgot password" recovery email address...
The vulnerability of the Blitz Identity Provider software, related to deficiencies in the authentication process, allows a perpetrator to change the email address of a user’s account.
The vulnerability of the Blitz Identity Provider software is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to change the email address of a user’s account remotely...
DeluxeBB <= 1.09 Remote Admin Email Change Exploit
Exploit for unknown platform in category web applications ================================================== DeluxeBB unbufferedquery"UPDATE ".$prefix."users SET email='$xemail', msn='$xmsn', icq='$xicq', ... WHERE username='$membercookie'"; So, editing cookie "membercookie" you can change remote...