Lucene search
K

39 matches found

Vulnrichment
Vulnrichment
added 2026/05/17 12:11 p.m.10 views

CVE-2018-25336 jCart for OpenCart 2.3.0.2 Cross-Site Request Forgery

jCart for OpenCart 2.3.0.2 contains a cross-site request forgery vulnerability that allows attackers to modify user account information without authentication. Attackers can craft malicious HTML forms targeting endpoints , and to change user credentials, passwords, and affiliate account details...

6.9CVSS5.7AI score0.00191EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/06 10:57 a.m.6 views

CVE-2026-28766

A specific endpoint exposes all user account information for registered Gardyn users without requiring authentication...

9.3CVSS5.9AI score0.00436EPSS
Exploits1References1
NVD
NVD
added 2026/04/03 9:17 p.m.12 views

CVE-2026-28766

A specific endpoint exposes all user account information for registered Gardyn users without requiring authentication...

9.3CVSS0.00436EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.6 views

PT-2026-30231

Name of the Vulnerable Software and Affected Versions Gardyn affected versions not specified Description A specific endpoint exposes all user account information for registered Gardyn users without requiring authentication. Recommendations At the moment, there is no information about a newer...

9.3CVSS5.9AI score0.00436EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2026/01/07 9:41 a.m.6 views

CVE-1999-0198

finger .@host on some systems may print information on some user accounts...

10CVSS6.7AI score0.01648EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-24033

Malware in sbrugna...

3.3CVSS4.3AI score0.00247EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.20 views

EUVD-2022-31222

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.01151EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-34641

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00329EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/10/01 4:2 a.m.3 views

CVE-2025-10538 Authentication Bypass in LG Innotek Camera

An authentication bypass vulnerability exists in LG Innotek camera models LND7210 and LNV7210R. The vulnerability allows a malicious actor to gain access to camera information including user account information...

8.8CVSS6.6AI score0.00578EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/01 12:0 a.m.6 views

PT-2025-40062

Name of the Vulnerable Software and Affected Versions LG Innotek camera models LND7210 and LNV7210R Description An authentication bypass flaw exists in LG Innotek camera models LND7210 and LNV7210R. This allows a malicious actor to gain access to camera information, including user account...

8.8CVSS6.7AI score0.00578EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/23 8:39 a.m.8 views

CVE-2024-23186

E-Mail containing malicious display-name information could trigger client-side script execution when using specific mobile devices. Attackers could perform malicious API requests or extract information from the users account. Please deploy the provided updates and patch releases. We now use safer...

6.5CVSS6.8AI score0.00575EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:38 a.m.7 views

CVE-2023-30216

Insecure permissions in the updateUserInfo function of newbee-mall before commit 1f2c2dfy allows attackers to obtain user account information...

5.4CVSS6.8AI score0.00329EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/12 4:11 p.m.18 views

CVE-2025-46745 Improper Privilege Management

An authenticated user without user-management permissions could view other users account information...

6.5CVSS0.00262EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/24 7:30 a.m.41 views

CVE-2023-5359 W3 Total Cache <= 2.7.5 - Sensitive Credentials Stored in Plaintext

The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.5 via Google OAuth API secrets stored in plaintext in the publicly visible plugin source. This can allow unauthenticated attackers to impersonate W3 Total Cache and gain...

3.7CVSS6.6AI score0.00813EPSS
Exploits1References3
Prion
Prion
added 2023/05/04 9:15 p.m.20 views

Information disclosure

Insecure permissions in the updateUserInfo function of newbee-mall before commit 1f2c2dfy allows attackers to obtain user account information...

5.5CVSS5.4AI score0.00329EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2023/05/04 12:0 a.m.48 views

CVE-2023-30216

The CVE-2023-30216 entry affects the open-source e-commerce system newbee-mall prior to commit 1f2c2dfy, where the updateUserInfo function has insecure permissions. This configuration flaw allows attackers to obtain user account information, as described across multiple sources. Root cause: impro...

5.4CVSS5.4AI score0.00329EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/04 12:0 a.m.9 views

CVE-2023-30216

Insecure permissions in the updateUserInfo function of newbee-mall before commit 1f2c2dfy allows attackers to obtain user account information...

5.4AI score0.00329EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/05/04 12:0 a.m.26 views

CVE-2023-30216

Insecure permissions in the updateUserInfo function of newbee-mall before commit 1f2c2dfy allows attackers to obtain user account information...

5.7AI score0.00329EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2022/02/04 10:15 p.m.6 views

CVE-2021-32732 Cross-Site Request Forgery in xwiki-platform

Impact It's possible to know if a user has or not an account in a wiki related to an email address, and which usernames is actually tied to that email by forging a request to the Forgot username page. Note that since this page does not have a CSRF check it's quite easy to perform a lot of those...

7.5CVSS7.5AI score0.00964EPSS
Exploits1References5
OSV
OSV
added 2021/12/21 9:8 a.m.10 views

ALBA-2021:5230 accountsservice bug fix and enhancement update

The accountsservice project provides a set of D-Bus interfaces for querying and manipulating user account information. It is based on the useradd, usermod, and userdel commands. Bug Fixes and Enhancements: HP WS AlmaLinux 8.5 bug Desktop presentation changes between reboots when logging in as roo...

7.2AI score
Exploits0
Rows per page
Query Builder