Export limit exceeded: 47474 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (2 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-12866 1 Hundredplus 1 Eip Plus 2026-04-15 9.8 Critical
EIP Plus developed by Hundred Plus has a Weak Password Recovery Mechanism vulnerability, allowing unauthenticated remote attacker to predict or brute-force the 'forgot password' link, thereby successfully resetting any user's password.
CVE-2025-12867 1 Hundredplus 1 Eip Plus 2026-04-15 7.2 High
EIP Plus developed by Hundred Plus has an Arbitrary File Uplaod vulnerability, allowing privileged remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.