Fallos del tipo CWE-640
171 resultadosCVE-2015-10071LOWgitter-badger ezpublish-modern-legacy forgotpassword.php password recoveryEPSS 0.6%CVE-2024-9302HIGHApp Builder – Create Native Android & iOS Apps On The Flight <= 5.3.7 - Privilege Escalation and Account Takeover via Weak OTPEPSS 0.6%CVE-2025-6097MEDIUMUTT 进取 750W Administrator Password setSysAdm formDefineManagement unverified password changeEPSS 0.6%CVE-2025-4903MEDIUMD-Link DI-7003GV2 webgl.asp sub_41F4F0 unverified password changeEPSS 0.6%CVE-2024-22454HIGH
Dell PowerProtect Data Manager, version 19.15 and prior versions, contain a weak password recovery mechanism for forgotten passwords. A remEPSS 0.6%CVE-2024-5404CRITICALifm: moneo prone to weak password recovery mechanism EPSS 0.5%CVE-2024-38287CRITICALThe password-reset mechanism in the Forgot Password functionality in R-HUB TurboMeeting through 8.x allows unauthenticated remote attackers EPSS 0.5%CVE-2023-4448MEDIUMOpenRapid RapidCMS run-movepass.php password recoveryEPSS 0.5%CVE-2023-44399MEDIUMZITADEL's password reset does not respect the "Ignoring unknown usernames" settingEPSS 0.5%CVE-2025-0331MEDIUMYunzMall HTTP POST Request ResetpwdController.php changePwd password recoveryEPSS 0.5%CVE-2026-1325MEDIUMSangfor Operation and Maintenance Security Management System edit_pwd_mall password recoveryEPSS 0.5%CVE-2021-36436MEDIUMAn issue in Mobicint Backend for Credit Unions v3 allows attackers to retrieve partial email addresses and user entered information via submEPSS 0.5%CVE-2023-42481HIGHImproper Access Control vulnerability in SAP Commerce CloudEPSS 0.5%CVE-2024-8692MEDIUMTDuckCloud TDuckPro password recoveryEPSS 0.5%CVE-2020-12067HIGHIn Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), a user's password may be changed by an attacker withouEPSS 0.5%CVE-2023-3222HIGHVulnerability in the password recovery mechanism of Roundcube Password Recovery PluginEPSS 0.5%CVE-2023-43650HIGHNon-MFA account takeover via brute-force attack on weak password reset code in jumpserverEPSS 0.5%CVE-2025-15398MEDIUMUasoft badaso Token BadasoAuthController.php forgetPassword password recoveryEPSS 0.5%CVE-2026-42606HIGHAzuraCast: Password Reset Poisoning via Untrusted X-Forwarded-Host Header Leads to Account Takeover and 2FA BypassEPSS 0.5%CVE-2026-2564CRITICALIntelbras VIP 3260 Z IA OutsideCmd password recoveryEPSS 0.5%