600 matches found
WordPress Pods 2.7.9 Database Disclosure
Exploit Title : WordPress Pods Plugins 2.7.9 Database Backup Arbitrary File Download Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 22/11/2018 Vendor Homepage : + wordpress.org/plugins/pods/ pods.io +...
WordPress Theme CherryFramework 3.1.4 - Backup File Download
Exploit Title: Wordpress CherryFramework Themes 3.1.4 - Backup File Download Google Dork: inurl:/wp-content/themes/CherryFramework Date: 2018-11-17 Exploit Author: b1p0l4r Vendor Homepage: http://www.cherryframework.com/ Software Link: http://www.cherryframework.com/ Version: 3.x.x 3.1.4 Tested o...
LG Smart IP Camera 1508190 - Backup File Download Exploit
Exploit for hardware platform in category web applications Exploit Title: LG Smart IP Camera 1508190 - Backup File Download Exploit Author: Ege Balci Vendor Homepage: https://www.lg.com Software version: 1310250 " exit0...
LG Smart IP Camera 1508190 - Backup File Download
LG Smart IP Camera 1508190 - Backup File Download Exploit Title: LG Smart IP Camera 1508190 - Backup File Download Date: 2018-09-11 Exploit Author: Ege Balci Vendor Homepage: https://www.lg.com Software version: 1310250 " exit0...
LG Smart IP Camera 1508190 File Disclosure
Exploit Title: LG Smart IP Camera 1508190 - Backup File Download Date: 2018-09-11 Exploit Author: Ege Balci Vendor Homepage: https://www.lg.com Software version: 1310250 " exit0 print"==========================================================================" print" Exploit Title: LG Smart IP...
LG Smart IP Camera 1508190 - Backup File Download
Exploit Title: LG Smart IP Camera 1508190 - Backup File Download Date: 2018-09-11 Exploit Author: Ege Balci Vendor Homepage: https://www.lg.com Software version: 1310250 " exit0 print"==========================================================================" print" Exploit Title: LG Smart IP...
Hardcoded credentials
The web application backup file in the TP-Link EAP Controller and Omada Controller versions 2.5.4Windows/2.6.0Windows is encrypted with a hard-coded cryptographic key, so anyone who knows that key and the algorithm can decrypt it. A low-privilege user could decrypt and modify the backup file in...
CVE-2018-10167
The web application backup file in the TP-Link EAP Controller and Omada Controller versions 2.5.4Windows/2.6.0Windows is encrypted with a hard-coded cryptographic key, so anyone who knows that key and the algorithm can decrypt it. A low-privilege user could decrypt and modify the backup file in...
CVE-2018-10167
The web application backup file in the TP-Link EAP Controller and Omada Controller versions 2.5.4Windows/2.6.0Windows is encrypted with a hard-coded cryptographic key, so anyone who knows that key and the algorithm can decrypt it. A low-privilege user could decrypt and modify the backup file in...
CVE-2018-10167
TP-Link EAP Controller and Omada Controller (Windows) versions 2.5.4_Windows and 2.6.0_Windows are affected by CVE-2018-10167 due to a hard-coded cryptographic key used to encrypt the web app backup file. A low-privilege user can decrypt and modify the backup to escalate privileges, including cre...
Sensitive File Disclosure (HTTP)
The script attempts to identify files containing sensitive data at the remote web server. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Proclaim, 9.1.1, Arbitrary File Upload
Proclaim from Christian Web Ministries installs as combiblestudy, versions 9.1.1 and previous, arbitrary file upload, also backup file download resolution: update to 9.1.2 fixes both issues update notice: https://github.com/Joomla-Bible-Study/Joomla-Bible-Study/releases...
Joomla Proclaim 9.1.1 Component - Backup File Download Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component Proclaim 9.1.1 - Backup Download Vendor Homepage: https://www.christianwebministries.org/ Software Link: https://extensions.joomla.org/extensions/extension/living/religion/proclaim/ Software Download:...
Arq 5.10 - Local Privilege Escalation Exploit (1)
Exploit for macOS platform in category local exploits !/usr/bin/env ruby Arq USE AT YOUR OWN RISK - THIS WILL OVERWRITE THE ROOT USER'S CRONTAB! $binarytarg...
Design/Logic Flaw
Hitron CVE-30360 devices use a 578A958E3DD933FC DES key that is shared across different customers' installations, which makes it easier for attackers to obtain sensitive information by decrypting a backup configuration file, as demonstrated by a password hash in the umauthaccountpassword field...
File Upload Vulnerability in SEMCMS_ASP_v4.5
SemCMS is an open source foreign trade enterprise website management system, written in vbscript language, combined with iis running, SemCMS is very suitable for foreign trade enterprises, e-commerce Internet use. SemCms ASPv4.5 version of the editor database backup file upload vulnerability ,...
CVE-2017-13701
An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. The backup file contains sensitive information in a insecure way. There is no salt for password hashing. Indeed passwords are stored without being ciphered with a timestamped ciphering method...
Design/Logic Flaw
An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. The backup file contains sensitive information in a insecure way. There is no salt for password hashing. Indeed passwords are stored without being ciphered with a timestamped ciphering method...
CVE-2017-13701
Affected product: MOXA EDS-G512E (5.1 build 16072215). Issue: backup files store passwords without salt and with an insecure, timestamped ciphering method, enabling exposure of credentials. Impact: high confidentiality and integrity concerns; CVSS-3.0 base score 9.8 (CRITICAL), network attack vec...
Information disclosure
Fiyo CMS 2.0.1.8 allows remote attackers to obtain sensitive information via a direct request to the database backup file in .backup/...