Total
156 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-11027 | 2 Debian, Wordpress | 2 Debian Linux, Wordpress | 2023-06-20 | 8.1 High |
| In affected versions of WordPress, a password reset link emailed to a user does not expire upon changing the user password. Access would be needed to the email account of the user by a malicious party for successful execution. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33). | ||||
| CVE-2023-31459 | 1 Mitel | 1 Mivoice Connect | 2023-06-01 | 8.8 High |
| A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect versions 9.6.2208.101 and earlier could allow an unauthenticated attacker with internal network access to authenticate with administrative privileges, because the initial installation does not enforce a password change. A successful exploit could allow an attacker to make arbitrary configuration changes and execute arbitrary commands. | ||||
| CVE-2023-31287 | 1 Serenity | 2 Serene, Startsharp | 2023-05-30 | 7.8 High |
| An issue was discovered in Serenity Serene (and StartSharp) before 6.7.0. Password reset links are sent by email. A link contains a token that is used to reset the password. This token remains valid even after the password reset and can be used a second time to change the password of the corresponding user. The token expires only 3 hours after issuance and is sent as a query parameter when resetting. An attacker with access to the browser history can thus use the token again to change the password in order to take over the account. | ||||
| CVE-2023-30466 | 1 Milesight | 40 Ms-n1004-uc, Ms-n1004-uc Firmware, Ms-n1004-upc and 37 more | 2023-05-05 | 9.8 Critical |
| This vulnerability exists in Milesight 4K/H.265 Series NVR models (MS-Nxxxx-xxG, MS-Nxxxx-xxE, MS-Nxxxx-xxT, MS-Nxxxx-xxH and MS-Nxxxx-xxC), due to a weak password reset mechanism at the Milesight NVR web-based management interface. A remote attacker could exploit this vulnerability by sending a specially crafted http requests on the targeted device. Successful exploitation of this vulnerability could allow remote attacker to account takeover on the targeted device. | ||||
| CVE-2023-28821 | 1 Concretecms | 1 Concrete Cms | 2023-05-05 | 5.3 Medium |
| Concrete CMS (previously concrete5) before 9.1 did not have a rate limit for password resets. | ||||
| CVE-2021-36436 | 1 Mobicint | 1 Mobicint | 2023-05-02 | 5.3 Medium |
| An issue in Mobicint Backend for Credit Unions v3 allows attackers to retrieve partial email addresses and user entered information via submission to the forgotten-password endpoint. | ||||
| CVE-2018-17881 | 2 D-link, Dlink | 2 Dir-823g Firmware, Dir-823g | 2023-04-26 | N/A |
| On D-Link DIR-823G 2018-09-19 devices, the GoAhead configuration allows /HNAP1 SetPasswdSettings commands without authentication to trigger an admin password change. | ||||
| CVE-2019-10270 | 1 Ultimatemember | 1 Ultimate Member | 2023-04-17 | 8.8 High |
| An arbitrary password reset issue was discovered in the Ultimate Member plugin 2.39 for WordPress. It is possible (due to lack of verification and correlation between the reset password key sent by mail and the user_id parameter) to reset the password of another user. One only needs to know the user_id, which is publicly available. One just has to intercept the password modification request and modify user_id. It is possible to modify the passwords for any users or admin WordPress Ultimate Members. This could lead to account compromise and privilege escalation. | ||||
| CVE-2022-45637 | 1 Megafeis | 1 Bofei Dbd\+ | 2023-03-28 | 9.8 Critical |
| An insecure password reset issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 service via insecure expiry mechanism. | ||||
| CVE-2017-7551 | 1 Fedoraproject | 1 389 Directory Server | 2023-02-12 | N/A |
| 389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks during account lockout due to different return codes returned on password attempts. | ||||
| CVE-2022-25027 | 1 Rocketsoftware | 1 Trufusion Enterprise | 2023-01-23 | 7.5 High |
| The Forgotten Password functionality of Rocket TRUfusion Portal v7.9.2.1 allows remote attackers to bypass authentication and access restricted pages by validating the user's session token when the "Password forgotten?" button is clicked. | ||||
| CVE-2017-7615 | 1 Mantisbt | 1 Mantisbt | 2023-01-20 | 8.8 High |
| MantisBT through 2.3.0 allows arbitrary password reset and unauthenticated admin access via an empty confirm_hash value to verify.php. | ||||
| CVE-2020-12067 | 1 Pilz | 1 Pmc | 2023-01-05 | 7.5 High |
| In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), a user's password may be changed by an attacker without knowledge of the current password. | ||||
| CVE-2022-47377 | 1 Sick | 2 Sim2000 Firmware, Sim2000st | 2022-12-21 | 9.8 Critical |
| Password recovery vulnerability in SICK SIM2000ST Partnumber 2086502 with firmware version <1.13.4 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. This leads to an increase in their privileges on the system and thereby affecting the confidentiality integrity and availability of the system. An attacker can expect repeatable success by exploiting the vulnerability. The recommended solution is to update the firmware to a version >= 1.13.4 as soon as possible (available in SICK Support Portal). | ||||
| CVE-2016-8716 | 1 Moxa | 2 Awk-3131a, Awk-3131a Firmware | 2022-12-14 | 7.5 High |
| An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. The Change Password functionality of the Web Application transmits the password in cleartext. An attacker capable of intercepting this traffic is able to obtain valid credentials. | ||||
| CVE-2022-44004 | 1 Backclick | 1 Backclick | 2022-11-20 | 9.8 Critical |
| An issue was discovered in BACKCLICK Professional 5.9.63. Due to insecure design or lack of authentication, unauthenticated attackers can complete the password-reset process for any account and set a new password. | ||||
| CVE-2018-10081 | 1 Cmsmadesimple | 1 Cms Made Simple | 2022-10-03 | N/A |
| CMS Made Simple (CMSMS) through 2.2.6 contains an admin password reset vulnerability because data values are improperly compared, as demonstrated by a hash beginning with the "0e" substring. | ||||
| CVE-2018-12421 | 1 Ltb-project | 1 Ldap Tool Box Self Service Password | 2022-10-03 | N/A |
| LTB (aka LDAP Tool Box) Self Service Password before 1.3 allows a change to a user password (without knowing the old password) via a crafted POST request, because the ldap_bind return value is mishandled and the PHP data type is not constrained to be a string. | ||||
| CVE-2022-37300 | 1 Schneider-electric | 70 Ecostruxure Control Expert, Ecostruxure Process Expert, Modicon M340 Bmxp341000 and 67 more | 2022-09-15 | 9.8 Critical |
| A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists that could cause unauthorized access in read and write mode to the controller when communicating over Modbus. Affected Products: EcoStruxure Control Expert Including all Unity Pro versions (former name of EcoStruxure Control Expert) (V15.0 SP1 and prior), EcoStruxure Process Expert, Including all versions of EcoStruxure Hybrid DCS (former name of EcoStruxure Process Expert) (V2021 and prior), Modicon M340 CPU (part numbers BMXP34*) (V3.40 and prior), Modicon M580 CPU (part numbers BMEP* and BMEH*) (V3.20 and prior). | ||||
| CVE-2022-34530 | 1 Backdropcms | 1 Backdrop Cms | 2022-08-08 | 5.3 Medium |
| An issue in the login and reset password functionality of Backdrop CMS v1.22.0 allows attackers to enumerate usernames via password reset requests and distinct responses returned based on usernames. | ||||