Total
234 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-37158 | 1 Wwbn | 1 Avideo | 2026-02-20 | N/A | 5.3 MEDIUM |
| AVideo Platform 8.1 contains a cross-site request forgery vulnerability that allows attackers to reset user passwords by exploiting the password recovery mechanism. Attackers can craft malicious requests to the recoverPass endpoint using the user's recovery token to change account credentials without authentication. | |||||
| CVE-2026-26273 | 1 Withknown | 1 Known | 2026-02-18 | N/A | 9.8 CRITICAL |
| Known is a social publishing platform. Prior to 1.6.3, a Critical Broken Authentication vulnerability exists in Known 1.6.2 and earlier. The application leaks the password reset token within a hidden HTML input field on the password reset page. This allows any unauthenticated attacker to retrieve the reset token for any user by simply querying the user's email, leading to full Account Takeover (ATO) without requiring access to the victim's email inbox. This vulnerability is fixed in 1.6.3. | |||||
| CVE-2020-37172 | 1 Wwbn | 1 Avideo | 2026-02-18 | N/A | 5.3 MEDIUM |
| AVideo Platform 8.1 contains a cross-site request forgery vulnerability that allows attackers to reset user passwords by exploiting the password recovery mechanism. Attackers can craft malicious requests to the recoverPass endpoint using the user's recovery token to change account credentials without authentication. | |||||
| CVE-2026-2564 | 2026-02-18 | 7.6 HIGH | 8.1 HIGH | ||
| A security flaw has been discovered in Intelbras VIP 3260 Z IA 2.840.00IB005.0.T. Affected by this vulnerability is an unknown functionality of the file /OutsideCmd. The manipulation results in weak password recovery. It is possible to launch the attack remotely. Attacks of this nature are highly complex. The exploitation appears to be difficult. It is recommended to upgrade the affected component. | |||||
| CVE-2026-2543 | 2026-02-18 | 3.3 LOW | 2.7 LOW | ||
| A vulnerability was identified in vichan-devel vichan up to 5.1.5. This vulnerability affects unknown code of the file inc/mod/pages.php of the component Password Change Handler. The manipulation of the argument Password leads to unverified password change. The attack can be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2026-25858 | 2026-02-09 | N/A | N/A | ||
| macrozheng mall version 1.0.3 and prior contains an authentication vulnerability in the mall-portal password reset workflow that allows an unauthenticated attacker to reset arbitrary user account passwords using only a victim’s telephone number. The password reset flow exposes the one-time password (OTP) directly in the API response and validates password reset requests solely by comparing the provided OTP to a value stored by telephone number, without verifying user identity or ownership of the telephone number. This enables remote account takeover of any user with a known or guessable telephone number. | |||||
| CVE-2022-50910 | 1 Beehiveforum | 1 Beehive Forum | 2026-02-02 | N/A | 9.8 CRITICAL |
| Beehive Forum 1.5.2 contains a host header injection vulnerability in the forgot password functionality that allows attackers to manipulate password reset requests. Attackers can inject a malicious host header to intercept password reset tokens and change victim account passwords without direct authentication. | |||||
| CVE-2026-1325 | 1 Sangfor | 1 Operation And Maintenance Security Management System | 2026-01-30 | 5.0 MEDIUM | 5.3 MEDIUM |
| A security flaw has been discovered in Sangfor Operation and Maintenance Security Management System up to 3.0.12. This affects the function edit_pwd_mall of the file /fort/login/edit_pwd_mall. The manipulation of the argument flag results in weak password recovery. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-4319 | 2026-01-26 | N/A | 9.4 CRITICAL | ||
| Improper Restriction of Excessive Authentication Attempts, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Birebirsoft Software and Technology Solutions Sufirmam allows Brute Force, Password Recovery Exploitation.This issue affects Sufirmam: through 23012026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-4320 | 2026-01-26 | N/A | 10.0 CRITICAL | ||
| Authentication Bypass by Primary Weakness, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Birebirsoft Software and Technology Solutions Sufirmam allows Authentication Bypass, Password Recovery Exploitation.This issue affects Sufirmam: through 23012026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-63314 | 1 Ddsn | 1 Cm3 Acora Cms | 2026-01-22 | N/A | 10.0 CRITICAL |
| A static password reset token in the password reset function of DDSN Interactive Acora CMS v10.7.1 allows attackers to arbitrarily reset the user password and execute a full account takeover via a replay attack. | |||||
| CVE-2025-15398 | 1 Uatech | 1 Badaso | 2026-01-14 | 2.6 LOW | 3.7 LOW |
| A security vulnerability has been detected in Uasoft badaso up to 2.9.7. Affected is the function forgetPassword of the file src/Controllers/BadasoAuthController.php of the component Token Handler. Such manipulation leads to weak password recovery. The attack can be executed remotely. This attack is characterized by high complexity. The exploitability is told to be difficult. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-52560 | 1 Kanboard | 1 Kanboard | 2026-01-13 | N/A | 8.1 HIGH |
| Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.46, Kanboard allows password reset emails to be sent with URLs derived from the unvalidated Host header when the application_url configuration is unset (default behavior). This allows an attacker to craft a malicious password reset link that leaks the token to an attacker-controlled domain. If a victim (including an administrator) clicks the poisoned link, their account can be taken over. This affects all users who initiate a password reset while application_url is not set. This issue has been patched in version 1.2.46. | |||||
| CVE-2025-6097 | 1 Utt | 2 750w, 750w Firmware | 2026-01-08 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in UTT 进取 750W up to 5.0 and classified as critical. Affected by this issue is the function formDefineManagement of the file /goform/setSysAdm of the component Administrator Password Handler. The manipulation of the argument passwd1 leads to unverified password change. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-65203 | 1 Keepassxc | 1 Keepassxc-browser | 2026-01-05 | N/A | 7.1 HIGH |
| KeePassXC-Browser thru 1.9.9.2 autofills or prompts to fill stored credentials into documents rendered under a browser-enforced CSP directive and iframe attribute sandbox, allowing attacker-controlled script in the sandboxed document to access populated form fields and exfiltrate credentials. | |||||
| CVE-2025-14783 | 2025-12-31 | N/A | 4.3 MEDIUM | ||
| The Easy Digital Downloads plugin for WordPress is vulnerable to Unvalidated Redirect in all versions up to, and including, 3.6.2. This is due to insufficient validation on the redirect url supplied via the 'edd_redirect' parameter. This makes it possible for unauthenticated attackers to redirect users with the password reset email to potentially malicious sites if they can successfully trick them into performing an action. | |||||
| CVE-2025-50433 | 1 Monnit | 1 Imonnit | 2025-12-29 | N/A | 9.8 CRITICAL |
| An issue was discovered in imonnit.com (2025-04-24) allowing malicious actors to gain escalated privileges via crafted password reset to take over arbitrary user accounts. | |||||
| CVE-2023-53958 | 2025-12-23 | N/A | 7.5 HIGH | ||
| LDAP Tool Box Self Service Password 1.5.2 contains a password reset vulnerability that allows attackers to manipulate HTTP Host headers during token generation. Attackers can craft malicious password reset requests that generate tokens sent to a controlled server, enabling potential account takeover by intercepting and using stolen reset tokens. | |||||
| CVE-2025-14696 | 2025-12-15 | 5.0 MEDIUM | 5.3 MEDIUM | ||
| A vulnerability was identified in Shenzhen Sixun Software Sixun Shanghui Group Business Management System 4.10.24.3. Affected by this vulnerability is an unknown functionality of the file /api/GylOperator/UpdatePasswordBatch. The manipulation leads to weak password recovery. The attack may be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-64113 | 2025-12-12 | N/A | N/A | ||
| Emby Server is a user-installable home media server. Versions below 4.9.1.81 allow an attacker to gain full administrative access to an Emby Server (for Emby Server administration, not at the OS level). Other than network access, no specific preconditions need to be fulfilled for a server to be vulnerable. This issue is fixed in version 4.9.1.81. | |||||