CVE-2018-25350 | THREATINT

Description

userSpice 4.3.24 contains a username enumeration vulnerability that allows unauthenticated attackers to discover valid usernames by sending POST requests to the existingUsernameCheck.php endpoint. Attackers can submit usernames and analyze response text for the 'taken' string to identify existing accounts in the system.

PUBLISHED Reserved 2026-05-23 | Published 2026-05-23 | Updated 2026-05-26 | Assigner VulnCheck

CRITICAL: 9.3CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CRITICAL: 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Problem types

Observable Response Discrepancy

Product status

4.3.24

affected

Credits

Dolev Farhi finder

References

www.exploit-db.com/exploits/44872 (ExploitDB-44872) exploit

www.vulncheck.com/...umeration-via-existingusernamecheck-php (VulnCheck Advisory: userSpice 4.3.24 Username Enumeration via existingUsernameCheck.php) third-party-advisory

cve.org (CVE-2018-25350)

nvd.nist.gov (CVE-2018-25350)

Download JSON