39 matches found
CVE-2018-25336 jCart for OpenCart 2.3.0.2 Cross-Site Request Forgery
jCart for OpenCart 2.3.0.2 contains a cross-site request forgery vulnerability that allows attackers to modify user account information without authentication. Attackers can craft malicious HTML forms targeting endpoints , and to change user credentials, passwords, and affiliate account details...
CVE-2026-28766
A specific endpoint exposes all user account information for registered Gardyn users without requiring authentication...
CVE-2026-28766
A specific endpoint exposes all user account information for registered Gardyn users without requiring authentication...
PT-2026-30231
Name of the Vulnerable Software and Affected Versions Gardyn affected versions not specified Description A specific endpoint exposes all user account information for registered Gardyn users without requiring authentication. Recommendations At the moment, there is no information about a newer...
CVE-1999-0198
finger .@host on some systems may print information on some user accounts...
EUVD-2021-24033
Malware in sbrugna...
EUVD-2022-31222
Malicious code in bioql PyPI...
EUVD-2023-34641
Malicious code in bioql PyPI...
CVE-2025-10538 Authentication Bypass in LG Innotek Camera
An authentication bypass vulnerability exists in LG Innotek camera models LND7210 and LNV7210R. The vulnerability allows a malicious actor to gain access to camera information including user account information...
PT-2025-40062
Name of the Vulnerable Software and Affected Versions LG Innotek camera models LND7210 and LNV7210R Description An authentication bypass flaw exists in LG Innotek camera models LND7210 and LNV7210R. This allows a malicious actor to gain access to camera information, including user account...
CVE-2024-23186
E-Mail containing malicious display-name information could trigger client-side script execution when using specific mobile devices. Attackers could perform malicious API requests or extract information from the users account. Please deploy the provided updates and patch releases. We now use safer...
CVE-2023-30216
Insecure permissions in the updateUserInfo function of newbee-mall before commit 1f2c2dfy allows attackers to obtain user account information...
CVE-2025-46745 Improper Privilege Management
An authenticated user without user-management permissions could view other users account information...
CVE-2023-5359 W3 Total Cache <= 2.7.5 - Sensitive Credentials Stored in Plaintext
The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.5 via Google OAuth API secrets stored in plaintext in the publicly visible plugin source. This can allow unauthenticated attackers to impersonate W3 Total Cache and gain...
Information disclosure
Insecure permissions in the updateUserInfo function of newbee-mall before commit 1f2c2dfy allows attackers to obtain user account information...
CVE-2023-30216
The CVE-2023-30216 entry affects the open-source e-commerce system newbee-mall prior to commit 1f2c2dfy, where the updateUserInfo function has insecure permissions. This configuration flaw allows attackers to obtain user account information, as described across multiple sources. Root cause: impro...
CVE-2023-30216
Insecure permissions in the updateUserInfo function of newbee-mall before commit 1f2c2dfy allows attackers to obtain user account information...
CVE-2023-30216
Insecure permissions in the updateUserInfo function of newbee-mall before commit 1f2c2dfy allows attackers to obtain user account information...
CVE-2021-32732 Cross-Site Request Forgery in xwiki-platform
Impact It's possible to know if a user has or not an account in a wiki related to an email address, and which usernames is actually tied to that email by forging a request to the Forgot username page. Note that since this page does not have a CSRF check it's quite easy to perform a lot of those...
ALBA-2021:5230 accountsservice bug fix and enhancement update
The accountsservice project provides a set of D-Bus interfaces for querying and manipulating user account information. It is based on the useradd, usermod, and userdel commands. Bug Fixes and Enhancements: HP WS AlmaLinux 8.5 bug Desktop presentation changes between reboots when logging in as roo...