CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

RedhatCVE•added 2025/05/23 7:31 a.m.•6 views

CVE-2024-48322

UsersController.php in Run.codes 1.5.2 and older has a reset password race condition vulnerability...

8.1CVSS7.1AI score0.13644EPSS

Exploits0References1

OSV•added 2024/11/11 8:15 p.m.•4 views

CVE-2024-48322

UsersController.php in Run.codes 1.5.2 and older has a reset password race condition vulnerability...

8.1CVSS7.3AI score0.13644EPSS

Exploits0References4

NVD•added 2024/11/11 8:15 p.m.•14 views

CVE-2024-48322

UsersController.php in Run.codes 1.5.2 and older has a reset password race condition vulnerability...

8.1CVSS0.13644EPSS

Exploits0References4

Vulnrichment•added 2024/11/11 12:0 a.m.•11 views

CVE-2024-48322

UsersController.php in Run.codes 1.5.2 and older has a reset password race condition vulnerability...

7.3AI score0.13644EPSS

Exploits0References4

NVD•added 2022/10/10 5:15 a.m.•7 views

CVE-2022-42724

app/Controller/UsersController.php in MISP before 2.4.164 allows attackers to discover role names this is information that only the site admin should have...

4.3CVSS0.0016EPSS

Exploits0References1

OSV•added 2022/10/10 5:15 a.m.•10 views

CVE-2022-42724

app/Controller/UsersController.php in MISP before 2.4.164 allows attackers to discover role names this is information that only the site admin should have...

4.3CVSS6.4AI score

Exploits0References1

CNNVD•added 2022/10/10 12:0 a.m.•3 views

MISP 信息泄露漏洞

MISP is an open source software solution. It is used to collect, store, distribute, and share network security metrics, and has features such as threat network security event analysis and malware analysis. information leakage vulnerability exists in versions of MISP prior to 2.4.164, which stems...

4.3CVSS6.4AI score0.0016EPSS

Exploits0References2

Prion•added 2020/12/31 3:15 a.m.•7 views

Input validation

Exponent CMS before 2.6.0 has improper input validation in usersController.php...

7.5CVSS7.1AI score0.00518EPSS

Exploits0References2Affected Software1

Cvelist•added 2020/12/31 2:10 a.m.•10 views

CVE-2016-9022

Exponent CMS before 2.6.0 has improper input validation in usersController.php...

9.5AI score0.00518EPSS

Exploits0References2

CVE•added 2018/06/22 2:0 p.m.•42 views

CVE-2018-12649

CVE-2018-12649 affects MISP 2.4.92 in app/Controller/UsersController.php, where brute-force protection for login only covers POST requests. An adversary can bypass protection by using PUT for login, enabling potential brute-force attempts. The recorded metrics show CVSS v3 base score 9.8 (CRITICA...

9.8CVSS9.4AI score0.0029EPSS

Exploits0References1Affected Software1

NVD•added 2016/11/11 10:59 p.m.•8 views

CVE-2016-9286

framework/modules/users/controllers/usersController.php in Exponent CMS v2.4.0patch1 does not properly restrict access to user records, which allows remote attackers to read address information, as demonstrated by an address/show/id/1 URI...

5.3CVSS5.3AI score0.00213EPSS

Exploits0References3

NVD•added 2016/11/11 10:59 p.m.•12 views

CVE-2016-9284

getUsersByJSON in framework/modules/users/controllers/usersController.php in Exponent CMS v2.4.0 allows remote attackers to read user information via users/getUsersByJSON/sort/ and a trailing string...

5.3CVSS5.2AI score0.00213EPSS

Exploits0References3

Cvelist•added 2016/11/11 10:0 p.m.•12 views

CVE-2016-9286

5.2AI score0.00213EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by