
4 matches found

Positive Technologies
added 2026/03/16 12:0 a.m. · 2 views

PT-2026-25669

Identity-based authorization bypass vulnerability (IDOR) that allows an attacker to modify the data of a legitimate user account, such as changing the victim's email address, validating the new email address, and requesting a new password. This could allow them to take complete control of other...

CVSS 8.6 · AI score 5.8 · EPSS 0.00058
Exploits 0 · References 1
Positive Technologies
added 2025/01/07 12:0 a.m. · 1 views

PT-2025-2733 · Ctfd · Ctfd

Name of the Vulnerable Software and Affected Versions: CTFd version 3.7.3. Description: The issue is related to the validate_email function in CTFd/utils/validators/__init__.py, which allows attackers to cause a Regular expression Denial of Service (ReDoS) by providing a crafted string as an email...

CVSS 7.5 · AI score 6.8 · EPSS 0.00078
Exploits 0 · References 4
SUSE CVE
added 2023/02/15 6:12 a.m. · 1 views

SUSE CVE-2007-1900

CRLF injection vulnerability in the FILTER_VALIDATE_EMAIL filter in ext/filter in PHP 5.2.0 and 5.2.1 allows context-dependent attackers to inject arbitrary e-mail headers via an e-mail address with a '\n' character, which causes a regular expression to ignore the subsequent part of the address...

CVSS 5 · AI score 7.5 · EPSS 0.00816
Exploits 0 · References 4
OSV
added 2023/01/31 6:15 p.m. · 3 views

CVE-2022-45172

An issue was discovered in LIVEBOX Collaboration vDesk before v018. Broken Access Control can occur under the /api/v1/registration/validateEmail endpoint, the /api/v1/vdeskintegration/user/adduser endpoint, and the /api/v1/registration/changePasswordUser endpoint. The web application is affected ...

CVSS 9.8 · AI score 5.8 · EPSS 0.00375
Exploits 1 · References 1