Total
250 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-43932 | 2025-07-08 | N/A | 9.8 CRITICAL | ||
| JobCenter through 7e7b0b2 allows account takeover via the password reset feature because SERVER_NAME is not configured and thus a reset depends on the Host HTTP header. | |||||
| CVE-2025-43931 | 2025-07-08 | N/A | 9.8 CRITICAL | ||
| flask-boilerplate through a170e7c allows account takeover via the password reset feature because SERVER_NAME is not configured and thus a reset depends on the Host HTTP header. | |||||
| CVE-2025-53373 | 2025-07-08 | N/A | N/A | ||
| Natours is a Tour Booking API. The attacker can easily take over any victim account by injecting an attacker-controlled server domain in the Host header when requesting the /forgetpassword endpoint. This vulnerability is fixed with commit 7401793a8d9ed0f0c250c4e0ee2815d685d7a70b. | |||||
| CVE-2024-53552 | 1 Crushftp | 1 Crushftp | 2025-06-27 | N/A | 9.8 CRITICAL |
| CrushFTP 10 before 10.8.3 and 11 before 11.2.3 mishandles password reset, leading to account takeover. | |||||
| CVE-2024-2463 | 1 Cdex | 1 Cdex | 2025-06-17 | N/A | 8.0 HIGH |
| Weak password recovery mechanism in CDeX application allows to retrieve password reset token.This issue affects CDeX application versions through 5.7.1. | |||||
| CVE-2018-10210 | 1 Vaultize | 1 Enterprise File Sharing | 2025-05-30 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. Enumeration of users is possible through the password-reset feature. | |||||
| CVE-2025-4903 | 1 Dlink | 2 Di-7003g, Di-7003g Firmware | 2025-05-27 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability, which was classified as critical, was found in D-Link DI-7003GV2 24.04.18D1 R(68125). This affects the function sub_41F4F0 of the file /H5/webgl.asp?tggl_port=0&remote_management=0&http_passwd=game&exec_service=admin-restart. The manipulation leads to unverified password change. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-47646 | 2025-05-23 | N/A | 9.8 CRITICAL | ||
| Weak Password Recovery Mechanism for Forgotten Password vulnerability in Gilblas Ngunte Possi PSW Front-end Login & Registration allows Password Recovery Exploitation. This issue affects PSW Front-end Login & Registration: from n/a through 1.13. | |||||
| CVE-2024-24903 | 1 Dell | 1 Policy Manager For Secure Connect Gateway | 2025-05-20 | N/A | 8.0 HIGH |
| Dell Secure Connect Gateway (SCG) Policy Manager, version 5.10+, contain a weak password recovery mechanism for forgotten passwords. An adjacent network low privileged attacker could potentially exploit this vulnerability, leading to unauthorized access to the application with privileges of the compromised account. The attacker could retrieve the reset password token without authorization and then perform the password change. | |||||
| CVE-2024-9305 | 1 Apppresser | 1 Apppresser | 2025-05-17 | N/A | 8.1 HIGH |
| The AppPresser – Mobile App Framework plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.4.4. This is due to the appp_reset_password() and validate_reset_password() functions not having enough controls to prevent a successful brute force attack of the OTP to change a password, or verify that a password reset request came from an authorized user. This makes it possible for unauthenticated attackers to generate and brute force an OTP that makes it possible to change any users passwords, including an administrator. | |||||
| CVE-2021-29038 | 1 Liferay | 2 Digital Experience Platform, Liferay Portal | 2025-05-13 | N/A | 6.3 MEDIUM |
| Liferay Portal 7.2.0 through 7.3.5, and older unsupported versions, and Liferay DXP 7.3 before fix pack 1, 7.2 before fix pack 17, and older unsupported versions does not obfuscate password reminder answers on the page, which allows attackers to use man-in-the-middle or shoulder surfing attacks to steal user's password reminder answers. | |||||
| CVE-2025-22144 | 1 Namelessmc | 1 Nameless | 2025-05-13 | N/A | 9.8 CRITICAL |
| NamelessMC is a free, easy to use & powerful website software for Minecraft servers. A user with admincp.core.emails or admincp.users.edit permissions can validate users and an attacker can reset their password. When the account is successfully approved by email the reset code is NULL, but when the account is manually validated by a user with admincp.core.emails or admincp.users.edit permissions then the reset_code will no longer be NULL but empty. An attacker can request http://localhost/nameless/index.php?route=/forgot_password/&c= and reset the password. As a result an attacker may compromise another users password and take over their account. This issue has been addressed in release version 2.1.3 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2022-44004 | 1 Backclick | 1 Backclick | 2025-04-30 | N/A | 9.8 CRITICAL |
| An issue was discovered in BACKCLICK Professional 5.9.63. Due to insecure design or lack of authentication, unauthenticated attackers can complete the password-reset process for any account and set a new password. | |||||
| CVE-2023-3007 | 1 Kabir-m-alhasan | 1 Student Management System | 2025-04-22 | 6.4 MEDIUM | 6.5 MEDIUM |
| A vulnerability was found in ningzichun Student Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file resetPassword.php of the component Password Reset Handler. The manipulation of the argument sid leads to weak password recovery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-230354 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-43650 | 1 Fit2cloud | 1 Jumpserver | 2025-04-21 | N/A | 8.2 HIGH |
| JumpServer is an open source bastion host. The verification code for resetting user's password is vulnerable to brute-force attacks due to the absence of rate limiting. JumpServer provides a feature allowing users to reset forgotten passwords. Affected users are sent a 6-digit verification code, ranging from 000000 to 999999, to facilitate the password reset. Although the code is only available in 1 minute, this window potentially allows for up to 1,000,000 validation attempts. This issue has been addressed in versions 2.28.20 and 3.7.1. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2017-12851 | 1 Kanboard | 1 Kanboard | 2025-04-20 | 4.0 MEDIUM | 8.8 HIGH |
| An authenticated standard user could reset the password of the admin by altering form data. Affects kanboard before 1.0.46. | |||||
| CVE-2017-14005 | 1 Prominent | 2 Multiflex M10a Controller, Multiflex M10a Controller Firmware | 2025-04-20 | 6.5 MEDIUM | 8.8 HIGH |
| An Unverified Password Change issue was discovered in ProMinent MultiFLEX M10a Controller web interface. When setting a new password for a user, the application does not require the user to know the original password. An attacker who is authenticated could change a user's password, enabling future access and possible configuration changes. | |||||
| CVE-2015-3189 | 2 Cloudfoundry, Pivotal Software | 3 Cf-release, Cloud Foundry Elastic Runtime, Cloud Foundry Uaa | 2025-04-20 | 4.3 MEDIUM | 3.7 LOW |
| With Cloud Foundry Runtime cf-release versions v208 or earlier, UAA Standalone versions 2.2.5 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier, old Password Reset Links are not expired after the user changes their current email address to a new one. This vulnerability is applicable only when using the UAA internal user store for authentication. Deployments enabled for integration via SAML or LDAP are not affected. | |||||
| CVE-2017-7551 | 1 Fedoraproject | 1 389 Directory Server | 2025-04-20 | 5.0 MEDIUM | 9.8 CRITICAL |
| 389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks during account lockout due to different return codes returned on password attempts. | |||||
| CVE-2017-5594 | 1 Pagekit | 1 Pagekit | 2025-04-20 | 4.3 MEDIUM | 7.5 HIGH |
| An issue was discovered in Pagekit CMS before 1.0.11. In this vulnerability the remote attacker is able to reset the registered user's password, when the debug toolbar is enabled. The password is successfully recovered using this exploit. The SecureLayer7 ID is SL7_PGKT_01. | |||||