oneclickorgs 漏洞與 CVE 列表(6)

產品(CPE): — CVE 數: 6

oneclickorgs 漏洞概覽

彙總 oneclickorgs 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。

已披露問題常與 輸入驗證問題與跨站腳本 相關,可能在 軟體部署與生產負載 場景中帶來 異常行為與工作階段劫持 等暴露風險。

相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。

漏洞分布趨勢(近 24 個月)

顯示 166 CVE 數
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2011-4678 The password reset feature in One Click Orgs before 1.2.3 generates different error messages for failed reset attempts depending on whether the e-mail address is registered, which allows remote attackers to enumerate user accounts via a series of requests. [email protected] 5.0 1.16% 2011-12-06 2026-06-16
CVE-2011-4677 One Click Orgs before 1.2.3 does not have an off autocomplete attribute for authentication fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation. [email protected] 7.5 1.38% 2011-12-06 2026-06-16
CVE-2011-4555 One Click Orgs before 1.2.3 does not require unique e-mail addresses for user accounts, which allows remote authenticated users to cause a denial of service (login disruption) or spoof votes or comments by selecting a conflicting e-mail address. [email protected] 4.0 0.96% 2011-12-06 2026-06-16
CVE-2011-4554 One Click Orgs before 1.2.3 allows remote authenticated users to trigger crafted SMTP traffic via (1) " (double quote) and newline characters in an org name or (2) " (double quote) characters in an e-mail address, related to a "2nd Order SMTP Injection" issue. [email protected] 5.5 0.95% 2011-12-06 2026-06-16
CVE-2011-4553 Multiple open redirect vulnerabilities in One Click Orgs before 1.2.3 allow (1) remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the return_to parameter, and allow (2) remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via crafted characters in the domain name of a subdomain. [email protected] 5.8 1.03% 2011-12-06 2026-06-16
CVE-2011-4552 Multiple cross-site scripting (XSS) vulnerabilities in One Click Orgs before 1.2.3 allow remote attackers to inject arbitrary web script or HTML via the description field of (1) a new vote or (2) the eject member proposal feature. [email protected] 4.3 0.92% 2011-12-06 2026-06-16
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
cvelogic Threat Intelligence