Vulnerabilities > Weak Password Recovery Mechanism for Forgotten Password

DATE	CVE	VULNERABILITY TITLE	RISK
2022-04-15	CVE-2022-27157	Weak Password Recovery Mechanism for Forgotten Password vulnerability in PHP Pearweb pearweb < 1.32 is suffers from a Weak Password Recovery Mechanism via include/users/passwordmanage.php. network low complexity php CWE-640	7.5
2022-04-08	CVE-2021-43498	Weak Password Recovery Mechanism for Forgotten Password vulnerability in Atutor 2.2.4 An Access Control vulnerability exists in ATutor 2.2.4 in password_reminder.php when the g, id, h, form_password_hidden, and form_change HTTP POST parameters are set. network low complexity atutor CWE-640	5.0
2022-03-29	CVE-2022-1073	Weak Password Recovery Mechanism for Forgotten Password vulnerability in Automatic Question Paper Generator System Project Automatic Question Paper Generator System 1.0 A vulnerability was found in Automatic Question Paper Generator 1.0. network low complexity automatic-question-paper-generator-system-project CWE-640	7.5
2022-03-01	CVE-2022-0777	Weak Password Recovery Mechanism for Forgotten Password vulnerability in Microweber Weak Password Recovery Mechanism for Forgotten Password in GitHub repository microweber/microweber prior to 1.3. network low complexity microweber CWE-640	5.0
2022-02-09	CVE-2022-23619	Weak Password Recovery Mechanism for Forgotten Password vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. network low complexity xwiki CWE-640	5.0
2022-01-28	CVE-2021-27654	Weak Password Recovery Mechanism for Forgotten Password vulnerability in Pega Infinity Forgotten password reset functionality for local accounts can be used to bypass local authentication checks. local low complexity pega CWE-640	4.6
2022-01-24	CVE-2022-23855	Weak Password Recovery Mechanism for Forgotten Password vulnerability in Saviynt Enterprise Identity Cloud An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. network low complexity saviynt CWE-640 critical	9.8
2022-01-18	CVE-2021-44839	Weak Password Recovery Mechanism for Forgotten Password vulnerability in Deltarm Delta RM 1.2 An issue was discovered in Delta RM 1.2. network low complexity deltarm CWE-640	4.0
2021-12-13	CVE-2021-39919	Weak Password Recovery Mechanism for Forgotten Password vulnerability in Gitlab In all versions of GitLab CE/EE starting version 14.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, the reset password token and new user email token are accidentally logged which may lead to information disclosure. local low complexity gitlab CWE-640	2.1
2021-11-19	CVE-2021-44037	Weak Password Recovery Mechanism for Forgotten Password vulnerability in Teampasswordmanager Team Password Manager Team Password Manager (aka TeamPasswordManager) before 10.135.236 allows password-reset poisoning. network low complexity teampasswordmanager CWE-640	5.0