CVE-2019-3578

MyBB 1.8.19 has XSS in the resetpassword function...

CVE-2020-35847

Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword function...

CVE-2020-35847

Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword function...

CVE-2020-35847

Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword function. Recent assessments: h00die at May 31, 2021 12:11pm UTC reported: Similar to CVE-2020-35846, this is a noSQL injection using the vardump function to dump all memory for the password reset...

Agentejo Cockpit NoSQL Injection Vulnerability (CNVD-2021-01561)

Agentejo Cockpit is a self-hosted "headless" and api-driven lightweight, open source content management system. A NoSQL injection vulnerability exists in Agentejo Cockpit versions prior to 0.11.2. The vulnerability can be exploited to conduct a NoSQL injection attack via the Controller/Auth.php...

PT-2019-16626 · Mybb · Mybb

Name of the Vulnerable Software and Affected Versions: MyBB version 1.8.19 Description: The issue is related to a problem in the resetpassword function, which has XSS. Recommendations: For MyBB version 1.8.19, update to a newer version that contains a fix for this issue...