Vulnerabilities > Weak Password Recovery Mechanism for Forgotten Password
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-21 | CVE-2019-10270 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Ultimatemember Ultimate Member An arbitrary password reset issue was discovered in the Ultimate Member plugin 2.39 for WordPress. | 8.8 |
| 2019-06-19 | CVE-2019-3787 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Pivotal Software Cloud Foundry Uaa-Release Cloud Foundry UAA, versions prior to 73.0.0, falls back to appending “unknown.org” to a user's email address when one is not provided and the user name does not contain an @ character. | 8.8 |
| 2019-06-17 | CVE-2019-12476 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Zohocorp Manageengine Adselfservice Plus 4.5/5.0 An authentication bypass vulnerability in the password reset functionality in Zoho ManageEngine ADSelfService Plus before 5.0.6 allows an attacker with physical access to gain a shell with SYSTEM privileges via the restricted thick client browser. | 6.8 |
| 2019-05-02 | CVE-2018-16988 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Xdmod Open Xdmod An issue was discovered in Open XDMoD through 7.5.0. | 9.8 |
| 2019-04-22 | CVE-2019-11414 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Intelbras IWR 3000N Firmware 1.5.0 An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. | 8.8 |
| 2019-04-22 | CVE-2019-11393 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Tildeslash Monit An issue was discovered in /admin/users/update in M/Monit before 3.7.3. | 9.8 |
| 2019-04-17 | CVE-2019-10641 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Contao CMS Contao before 3.5.39 and 4.x before 4.7.3 has a Weak Password Recovery Mechanism for a Forgotten Password. | 9.8 |
| 2019-03-28 | CVE-2018-16529 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Forcepoint Email Security 8.5.0/8.5.3 A password reset vulnerability has been discovered in Forcepoint Email Security 8.5.x. | 9.8 |
| 2019-03-21 | CVE-2018-19488 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Wp-Jobhunt Project Wp-Jobhunt The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the cs_reset_pass() function through the admin-ajax.php file, which allows remote unauthenticated attackers to reset the password of a user's account. | 9.8 |
| 2019-02-13 | CVE-2018-0696 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Osstech Openam OpenAM (Open Source Edition) 13.0 and later does not properly manage sessions, which allows remote authenticated attackers to change the security questions and reset the login password via unspecified vectors. | 7.5 |