FeehiCMS 安全漏洞

FeehiCMS is a Php-based CMS website builder by Liufee Personal Developer. A security vulnerability exists in FeehiCMS version 2.1.1, which stems from the server-side failure to implement immutability for read-only parameters, which could lead to user name modification...

EUVD-2009-2946

Malware in sbrugna...

PT-2025-39663

Name of the Vulnerable Software and Affected Versions Rancher versions prior to 2.12.2 Rancher versions prior to 2.11.6 Rancher versions prior to 2.10.10 Rancher versions prior to 2.9.12 Description A missing server-side validation on the .username field in Rancher allows users with update...

Seafile 安全漏洞

Seafile is an open source enterprise cloud disk from China Haiwen Huzhi Network Technology Seafile. The product features Markdown WYSIWYG editing, Wiki, file labeling, and more. A security vulnerability exists in Seafile versions 11.0.18-Pro, 12.0.10, and 12.0.10-Pro, which stems from a...

CVE-2025-55301 The Scratch Channel Allows Username Modification

The Scratch Channel is a news website. In version 1, it is possible to go to application in devtools and click local storage to edit the account's username locally. This issue has been patched in version 1.1...

CVE-2025-55301 The Scratch Channel Allows Username Modification

The Scratch Channel is a news website. In version 1, it is possible to go to application in devtools and click local storage to edit the account's username locally. This issue has been patched in version 1.1...

CVE-2024-8121

The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to unauthorized modification of user names due to a missing capability check on the wpextchangeadminname function in all versions up to, and including, 3.0.8. This makes it possible for authenticated attackers, wi...

CVE-2025-46744

An authenticated administrator could modify the Created By username for a user account...

CVE-2024-46610

An access control issue in IceCMS v3.4.7 and before allows attackers to arbitrarily modify users' information, including username and password, via a crafted POST request sent to the endpoint /User/ChangeUser/s in the ChangeUser function in UserController.java...

CVE-2024-46610

An access control issue in IceCMS v3.4.7 and before allows attackers to arbitrarily modify users' information, including username and password, via a crafted POST request sent to the endpoint /User/ChangeUser/s in the ChangeUser function in UserController.java...

CVE-2023-43901

Incorrect access control in the AdHoc User creation form of EMSigner v2.8.7 allows unauthenticated attackers to arbitrarily modify usernames and privileges by using the email address of a registered user...

CVE-2023-43901

Incorrect access control in the AdHoc User creation form of EMSigner v2.8.7 allows unauthenticated attackers to arbitrarily modify usernames and privileges by using the email address of a registered user...

SUSE CVE-2022-2385

A security issue was discovered in aws-iam-authenticator where an allow-listed IAM identity may be able to modify their username and escalate privileges...

PT-2022-16291 · Amazon +1 · Aws-Iam-Authenticator +1

Name of the Vulnerable Software and Affected Versions: aws-iam-authenticator versions prior to 0.5.9 Description: A security issue was discovered in aws-iam-authenticator where an allow-listed IAM identity may be able to modify their username and escalate privileges. Recommendations: For versions...

Resolve Username Being Modified Before Sending to RADIUS Server Using NetScaler nFactor

Introduction nFactor is the next generation authentication framework that offers great flexibility in configuring authentication flows for users. nFactor allows for extensible authentication models thus offering clean separation of workflows. This framework could be used to configure all the...

Fusion K2 Wireless Router Exists Override Change Password Vulnerability

The Fusion K2 Wireless Router is a wireless router for home use. A vulnerability exists in the Fusion K2 Wireless Router that allows an attacker to modify the password without logging in to the administrator. This vulnerability allows an attacker to modify the username and password without loggin...

CVE-2009-2960

CVE-2009-2960 affects CuteFlow 2.10.3 and 2.11.0_c. The vulnerability is that pages/edituser.php is not properly restricted, allowing remote attackers to modify usernames and passwords via a direct request. The impact is aligned with partial confidentiality and partial integrity, as per CVSS metr...

CVE-2002-0315

fasttrack p2p, as used in 1 KaZaA, 2 grokster, and 3 morpheus allows remote attackers to spoof other users by modifying the username and network information in the message header...