Lucene search
+L

46 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:33 a.m.10 views

CVE-2019-16116

EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable to information exposure in the Bootstrap.log file. This allows an attacker to obtain the administrator password hash...

4.3CVSS6.5AI score0.03679EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-3943

Malware in sbrugna...

6.5CVSS6.6AI score0.00477EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-6504

Malware in sbrugna...

5CVSS6.4AI score0.06272EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-0530

Malware in sbrugna...

5CVSS6.4AI score0.01213EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/04/29 12:0 a.m.4 views

ModernWMS 安全漏洞

ModernWMS is an open source simple and complete warehouse management system from fjykTec open source. A security vulnerability exists in ModernWMS version 1.0, which stems from overexposure of /user/list?culture=en-us endpoint information and insufficient access control, which could lead to viewi...

7.5CVSS6.3AI score0.00344EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/05/08 12:0 a.m.4 views

PT-2024-3341 · F5 · Big-Ip Next Central Manager

Name of the Vulnerable Software and Affected Versions: F5 BIG-IP Next Central Manager affected versions not specified Description: An SQL injection vulnerability exists in the BIG-IP Next Central Manager API. This vulnerability allows an unauthenticated attacker to conduct a remote attack and gai...

9.8CVSS8.3AI score0.07163EPSS
Exploits0References31
OSV
OSV
added 2023/09/25 9:15 p.m.5 views

CVE-2023-43132

szvone vmqphp =1.13 is vulnerable to SQL Injection. Unauthorized remote users can use sql injection attacks to obtain the hash of the administrator password...

6.5CVSS5.9AI score0.00593EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/09/25 9:15 p.m.7 views

CVE-2023-43132

szvone vmqphp =1.13 is vulnerable to SQL Injection. Unauthorized remote users can use sql injection attacks to obtain the hash of the administrator password...

6.5CVSS6.7AI score0.00593EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/09/25 12:0 a.m.7 views

vmqphp SQL Injection Vulnerability

vmqphp is a set of signature-free payment programs for vone individual developers. A security vulnerability exists in vmqphp 1.13 and earlier versions, which stems from the fact that an unauthorized remote user can use a sql injection attack to obtain the hash value of the administrator password...

6.5CVSS7.2AI score0.00593EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/09/25 12:0 a.m.5 views

PT-2023-28709 · Unknown · Szvone Vmqphp

Name of the Vulnerable Software and Affected Versions: szvone vmqphp versions =1.13 Description: The issue allows unauthorized remote users to use SQL injection attacks to obtain the hash of the administrator password. This can be achieved through sql injection attacks, which enable attackers to...

6.5CVSS6.7AI score0.00593EPSS
Exploits0References7
NVD
NVD
added 2023/07/13 3:15 a.m.29 views

CVE-2023-34134

Exposure of sensitive information to an unauthorized actor vulnerability in SonicWall GMS and Analytics allows authenticated attacker to read administrator password hash via a web service call. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions...

6.5CVSS0.01119EPSS
Exploits0References2
OSV
OSV
added 2023/07/13 3:15 a.m.5 views

CVE-2023-34134

Exposure of sensitive information to an unauthorized actor vulnerability in SonicWall GMS and Analytics allows authenticated attacker to read administrator password hash via a web service call. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions...

6.5CVSS5.8AI score0.01119EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/07/13 12:0 a.m.5 views

SonicWALL Analytics和GMS 安全漏洞

SonicWALL Analytics and SonicWALL GMS are both products of SonicWALL, Inc. of the U.S. SonicWALL Analytics is a high-performance management and reporting engine for the Web.SonicWALL GMS is a global management system. A powerful and intuitive solution for organizations, distributed enterprises an...

6.5CVSS7.5AI score0.01119EPSS
Exploits0References3
Prion
Prion
added 2020/01/28 3:15 p.m.18 views

Authentication flaw

backup.php in HandsomeWeb SOS Webpages before 1.1.12 does not require knowledge of the cleartext password, which allows remote attackers to bypass authentication by leveraging knowledge of the administrator password hash...

7.5CVSS7.6AI score0.05345EPSS
Exploits2References5Affected Software1
Cvelist
Cvelist
added 2020/01/28 2:9 p.m.34 views

CVE-2014-3445

backup.php in HandsomeWeb SOS Webpages before 1.1.12 does not require knowledge of the cleartext password, which allows remote attackers to bypass authentication by leveraging knowledge of the administrator password hash...

9.8AI score0.05345EPSS
Exploits2References5
NVD
NVD
added 2019/10/02 4:15 p.m.37 views

CVE-2019-16116

EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable to information exposure in the Bootstrap.log file. This allows an attacker to obtain the administrator password hash...

4.3CVSS4.5AI score0.03679EPSS
Exploits2References2
OSV
OSV
added 2019/10/02 4:15 p.m.8 views

CVE-2019-16116

EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable to information exposure in the Bootstrap.log file. This allows an attacker to obtain the administrator password hash...

4.3CVSS5.8AI score0.03679EPSS
Exploits2References2
Prion
Prion
added 2019/10/02 4:15 p.m.22 views

Information disclosure

EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable to information exposure in the Bootstrap.log file. This allows an attacker to obtain the administrator password hash...

3.5CVSS4.4AI score0.03679EPSS
Exploits2References2Affected Software1
CVE
CVE
added 2019/10/02 3:29 p.m.77 views

CVE-2019-16116

CVE-2019-16116 affects EnterpriseDT CompleteFTP Server prior to version 12.1.3, where the Bootstrap.log file could leak the administrator password hash. Public sources describe a path where installation logging obscures the password, enabling an attacker to obtain credentials if remote administra...

4.3CVSS4.4AI score0.03679EPSS
Exploits2References2Affected Software1
OSV
OSV
added 2018/11/01 5:29 p.m.5 views

CVE-2018-6011

The time-based one-time-password TOTP function in the application logic of the Green Electronics RainMachine Mini-8 2nd generation uses the administrator's password hash to generate a 6-digit temporary passcode that can be used for remote and local access, aka a "Use of Password Hash Instead of...

8.1CVSS5.8AI score0.01131EPSS
Exploits1References1
Rows per page
Query Builder