Vulnerabilities > Weak Password Recovery Mechanism for Forgotten Password
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-10 | CVE-2019-13240 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Glpi-Project Glpi An issue was discovered in GLPI before 9.4.1. | 5.9 |
| 2019-06-21 | CVE-2019-10270 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Ultimatemember Ultimate Member An arbitrary password reset issue was discovered in the Ultimate Member plugin 2.39 for WordPress. | 8.8 |
| 2019-06-19 | CVE-2019-3787 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Pivotal Software Cloud Foundry Uaa-Release Cloud Foundry UAA, versions prior to 73.0.0, falls back to appending “unknown.org” to a user's email address when one is not provided and the user name does not contain an @ character. | 8.8 |
| 2019-06-17 | CVE-2019-12476 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Zohocorp Manageengine Adselfservice Plus 4.5/5.0 An authentication bypass vulnerability in the password reset functionality in Zoho ManageEngine ADSelfService Plus before 5.0.6 allows an attacker with physical access to gain a shell with SYSTEM privileges via the restricted thick client browser. | 6.8 |
| 2019-05-02 | CVE-2018-16988 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Xdmod Open Xdmod An issue was discovered in Open XDMoD through 7.5.0. | 9.8 |
| 2019-04-22 | CVE-2019-11414 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Intelbras IWR 3000N Firmware 1.5.0 An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. | 8.8 |
| 2019-04-22 | CVE-2019-11393 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Tildeslash Monit An issue was discovered in /admin/users/update in M/Monit before 3.7.3. | 9.8 |
| 2019-04-17 | CVE-2019-10641 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Contao CMS Contao before 3.5.39 and 4.x before 4.7.3 has a Weak Password Recovery Mechanism for a Forgotten Password. | 9.8 |
| 2019-03-28 | CVE-2018-16529 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Forcepoint Email Security 8.5.0/8.5.3 A password reset vulnerability has been discovered in Forcepoint Email Security 8.5.x. | 9.8 |
| 2019-03-21 | CVE-2018-19488 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Wp-Jobhunt Project Wp-Jobhunt The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the cs_reset_pass() function through the admin-ajax.php file, which allows remote unauthenticated attackers to reset the password of a user's account. | 9.8 |