46 matches found
CVE-2019-16116
EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable to information exposure in the Bootstrap.log file. This allows an attacker to obtain the administrator password hash...
EUVD-2019-3943
Malware in sbrugna...
EUVD-2008-6504
Malware in sbrugna...
EUVD-2007-0530
Malware in sbrugna...
ModernWMS 安全漏洞
ModernWMS is an open source simple and complete warehouse management system from fjykTec open source. A security vulnerability exists in ModernWMS version 1.0, which stems from overexposure of /user/list?culture=en-us endpoint information and insufficient access control, which could lead to viewi...
PT-2024-3341 · F5 · Big-Ip Next Central Manager
Name of the Vulnerable Software and Affected Versions: F5 BIG-IP Next Central Manager affected versions not specified Description: An SQL injection vulnerability exists in the BIG-IP Next Central Manager API. This vulnerability allows an unauthenticated attacker to conduct a remote attack and gai...
CVE-2023-43132
szvone vmqphp =1.13 is vulnerable to SQL Injection. Unauthorized remote users can use sql injection attacks to obtain the hash of the administrator password...
CVE-2023-43132
szvone vmqphp =1.13 is vulnerable to SQL Injection. Unauthorized remote users can use sql injection attacks to obtain the hash of the administrator password...
vmqphp SQL Injection Vulnerability
vmqphp is a set of signature-free payment programs for vone individual developers. A security vulnerability exists in vmqphp 1.13 and earlier versions, which stems from the fact that an unauthorized remote user can use a sql injection attack to obtain the hash value of the administrator password...
PT-2023-28709 · Unknown · Szvone Vmqphp
Name of the Vulnerable Software and Affected Versions: szvone vmqphp versions =1.13 Description: The issue allows unauthorized remote users to use SQL injection attacks to obtain the hash of the administrator password. This can be achieved through sql injection attacks, which enable attackers to...
CVE-2023-34134
Exposure of sensitive information to an unauthorized actor vulnerability in SonicWall GMS and Analytics allows authenticated attacker to read administrator password hash via a web service call. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions...
CVE-2023-34134
Exposure of sensitive information to an unauthorized actor vulnerability in SonicWall GMS and Analytics allows authenticated attacker to read administrator password hash via a web service call. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions...
SonicWALL Analytics和GMS 安全漏洞
SonicWALL Analytics and SonicWALL GMS are both products of SonicWALL, Inc. of the U.S. SonicWALL Analytics is a high-performance management and reporting engine for the Web.SonicWALL GMS is a global management system. A powerful and intuitive solution for organizations, distributed enterprises an...
Authentication flaw
backup.php in HandsomeWeb SOS Webpages before 1.1.12 does not require knowledge of the cleartext password, which allows remote attackers to bypass authentication by leveraging knowledge of the administrator password hash...
CVE-2014-3445
backup.php in HandsomeWeb SOS Webpages before 1.1.12 does not require knowledge of the cleartext password, which allows remote attackers to bypass authentication by leveraging knowledge of the administrator password hash...
CVE-2019-16116
EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable to information exposure in the Bootstrap.log file. This allows an attacker to obtain the administrator password hash...
CVE-2019-16116
EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable to information exposure in the Bootstrap.log file. This allows an attacker to obtain the administrator password hash...
Information disclosure
EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable to information exposure in the Bootstrap.log file. This allows an attacker to obtain the administrator password hash...
CVE-2019-16116
CVE-2019-16116 affects EnterpriseDT CompleteFTP Server prior to version 12.1.3, where the Bootstrap.log file could leak the administrator password hash. Public sources describe a path where installation logging obscures the password, enabling an attacker to obtain credentials if remote administra...
CVE-2018-6011
The time-based one-time-password TOTP function in the application logic of the Green Electronics RainMachine Mini-8 2nd generation uses the administrator's password hash to generate a 6-digit temporary passcode that can be used for remote and local access, aka a "Use of Password Hash Instead of...