How severe is CVE-2023-0641?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.1 out of 10.

What type of vulnerability is CVE-2023-0641?

This is classified as CWE-521, which is a common weakness in software security.

CVE-2023-0641 - CRITICAL Severity | CVSS 9.1

Vulnerability Description

A vulnerability was found in PHPGurukul Employee Leaves Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file changepassword.php. The manipulation of the argument newpassword/confirmpassword leads to weak password requirements. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-220021 was assigned to this vulnerability.

Related Vulnerabilities

CVE-2025-26847

CRITICAL

CVSS:9.1(Critical)

An issue was discovered in Znuny before 7.1.5. When generating a support bundle, not all passwords are masked.

CWE-5212025

CVE-2018-15748

HIGH

CVSS:8.8(High)

On Dell 2335dn printers with Printer Firmware Version 2.70.05.02, Engine Firmware Version 1.10.65, and Network Firmware Version V4.02.15(2335dn MFP) 11-22-2010, the admin interface allows an authentic...

CWE-5212018

CVE-2018-17906

HIGH

CVSS:8.8(High)

Philips iSite and IntelliSpace PACS, iSite PACS, all versions, and IntelliSpace PACS, all versions. Default credentials and no authentication within third party software may allow an attacker to compr...

CWE-5212018

CVE-2018-18562

HIGH

CVSS:8.8(High)

An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04 and CoaguChek / cobas h232 Handheld Base Unit before 03.01.04. Weak access credentials may enable attacke...

CWE-5212018

CVE-2020-15369

HIGH

CVSS:8.8(High)

Supportlink CLI in Brocade Fabric OS Versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c does not obfuscate the password field, which could expose users’ credentials of the remote serve...

CWE-5212020

CVE-2022-26117

HIGH

CVSS:8.8(High)

An empty password in configuration file vulnerability [CWE-258] in FortiNAC version 8.3.7 and below, 8.5.2 and below, 8.5.4, 8.6.0, 8.6.5 and below, 8.7.6 and below, 8.8.11 and below, 9.1.5 and below,...

CWE-5212022