Vulnerabilities > Weak Password Recovery Mechanism for Forgotten Password
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-26 | CVE-2020-12067 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Pilz PMC 3.0.0 In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), a user's password may be changed by an attacker without knowledge of the current password. | 7.5 |
| 2022-11-16 | CVE-2022-44004 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Backclick 5.9.63 An issue was discovered in BACKCLICK Professional 5.9.63. | 9.8 |
| 2022-08-01 | CVE-2022-34530 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Backdropcms Backdrop CMS An issue in the login and reset password functionality of Backdrop CMS v1.22.0 allows attackers to enumerate usernames via password reset requests and distinct responses returned based on usernames. | 5.3 |
| 2022-07-06 | CVE-2022-23172 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Priority-Software Priority 19.1.0.68 An attacker can access to "Forgot my password" button, as soon as he puts users is valid in the system, the system would issue a message that a password reset email had been sent to user. | 4.3 |
| 2022-05-09 | CVE-2022-29933 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Craftcms Craft CMS Craft CMS through 3.7.36 allows a remote unauthenticated attacker, who knows at least one valid username, to reset the account's password and take over the account by providing a crafted HTTP header to the application while using the password reset functionality. | 8.8 |
| 2022-04-28 | CVE-2022-24892 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Shopware Shopware is an open source e-commerce software platform. | 7.5 |
| 2022-04-15 | CVE-2022-27157 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in PHP Pearweb pearweb < 1.32 is suffers from a Weak Password Recovery Mechanism via include/users/passwordmanage.php. | 9.8 |
| 2022-04-08 | CVE-2021-43498 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Atutor 2.2.4 An Access Control vulnerability exists in ATutor 2.2.4 in password_reminder.php when the g, id, h, form_password_hidden, and form_change HTTP POST parameters are set. | 7.5 |
| 2022-03-29 | CVE-2022-1073 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Automatic Question Paper Generator System Project Automatic Question Paper Generator System 1.0 A vulnerability was found in Automatic Question Paper Generator 1.0. | 9.8 |
| 2022-03-01 | CVE-2022-0777 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Microweber Weak Password Recovery Mechanism for Forgotten Password in GitHub repository microweber/microweber prior to 1.3. | 7.5 |