Lucene search
K

1289 matches found

Prion
Prion
added 2007/04/30 10:19 p.m.22 views

Default credentials

Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore point images are configured, encrypt network share credentials with a key formed by a hash of the username, which allows local users to obtain the...

6.8CVSS6.8AI score0.00335EPSS
Exploits0References5Affected Software4
ATTACKERKB
ATTACKERKB
added 2007/04/16 9:19 p.m.2 views

CVE-2007-2032

Cisco Wireless Control System WCS before 4.0.96.0 has a hard-coded FTP username and password for backup operations, which allows remote attackers to read and modify arbitrary files via unspecified vectors related to "properties of the FTP server," aka Bug ID CSCse93014...

7.5CVSS5.8AI score0.01661EPSS
Exploits0References8
NVD
NVD
added 2007/01/04 10:28 p.m.14 views

CVE-2007-0058

Cisco Clean Access CCA 3.5.x through 3.5.9 and 3.6.x through 3.6.1.1 on the Clean Access Manager CAM allows remote attackers to bypass authentication and download arbitrary manual database backups by guessing the snapshot filename using brute force, then making a direct request for the file...

7.8CVSS7.1AI score0.02489EPSS
Exploits0References5
Prion
Prion
added 2007/01/04 10:28 p.m.13 views

Authentication flaw

Cisco Clean Access CCA 3.5.x through 3.5.9 and 3.6.x through 3.6.1.1 on the Clean Access Manager CAM allows remote attackers to bypass authentication and download arbitrary manual database backups by guessing the snapshot filename using brute force, then making a direct request for the file...

7.8CVSS7.6AI score0.02489EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2007/01/04 10:0 p.m.46 views

CVE-2007-0058

CVE-2007-0058 affects Cisco Clean Access (CCA) on the Clean Access Manager (CAM): versions 3.5.x up to 3.5.9 and 3.6.x up to 3.6.1.1 allow remote attackers to bypass authentication and download arbitrary manual database backups by brute-forcing the snapshot filename and requesting the file direct...

7.8CVSS7.1AI score0.02489EPSS
Exploits0References5Affected Software1
UbuntuCve
UbuntuCve
added 2006/09/14 10:7 a.m.34 views

CVE-2006-4786

Moodle 1.6.1 and earlier allows remote attackers to obtain sensitive information via 1 help.php and 2 other unspecified vectors involving scheduled backups...

5CVSS5.9AI score0.0136EPSS
Exploits0References1
NVD
NVD
added 2006/09/14 10:7 a.m.18 views

CVE-2006-4786

Moodle 1.6.1 and earlier allows remote attackers to obtain sensitive information via 1 help.php and 2 other unspecified vectors involving scheduled backups...

5CVSS6.2AI score0.0136EPSS
Exploits0References5
Cvelist
Cvelist
added 2006/09/14 10:0 a.m.21 views

CVE-2006-4786

Moodle 1.6.1 and earlier allows remote attackers to obtain sensitive information via 1 help.php and 2 other unspecified vectors involving scheduled backups...

6.2AI score0.0136EPSS
Exploits0References5
CVE
CVE
added 2006/07/25 12:0 a.m.48 views

CVE-2006-3831

The CVE-2006-3831 issue affects Kailash Nadh boastMachine (formerly bMachine) versions up to 3.1. The backup feature creates database backups with predictable filenames and stores them under the web root with insufficient access controls, enabling remote attackers to download a backup file and ob...

5CVSS6.6AI score0.01366EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2006/07/25 12:0 a.m.16 views

CVE-2006-3831

The Backup selection in Kailash Nadh boastMachine formerly bMachine 3.1 and earlier uses predicable filenames for database backups and stores the files under the web root with insufficient access control, which allows remote attackers to obtain sensitive information by downloading a backup file...

6.2AI score0.01366EPSS
Exploits0References5
OSV
OSV
added 2005/08/30 11:45 a.m.4 views

DEBIAN-CVE-2005-1855

Backup Manager backup-manager before 0.5.8 creates backup files with world-readable default permissions, which allows local users to obtain sensitive information...

2.1CVSS6.5AI score0.00364EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2005/07/26 12:0 a.m.4 views

PT-2005-2875 · Kde +1 · Kate +3

Name of the Vulnerable Software and Affected Versions: KDE versions 3.2.x through 3.4.0 Description: The issue affects the Kate and Kwrite applications, where they do not properly set the same permissions on the backup file as were set on the original file. This could allow local users and possib...

7.5CVSS7.3AI score0.0367EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2005/07/20 12:0 a.m.25 views

PHP-Fusion <= 6.00.105 Multiple Vulnerabilities

According to its banner, the remote host is running a version of PHP-Fusion that is affected by multiple vulnerabilities : - An Information Disclosure Vulnerability PHP Fusion stores database backups in a known location within the web server's documents directory. An attacker may be able to...

5CVSS5.6AI score0.06844EPSS
Exploits1References3
securityvulns
securityvulns
added 2005/06/30 12:0 a.m.26 views

[EXPL] PHP-Fusion Accessible Database Backups Download &#40;Exploit&#41;

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

6.7AI score
Exploits0
0day.today
0day.today
added 2005/06/25 12:0 a.m.158 views

PHP-Fusion <= 6.00.105 Accessible Database Backups Download Exploit

Exploit for unknown platform in category web applications =================================================================== PHP-Fusion = 6.00.105 Accessible Database Backups Download Exploit =================================================================== !/usr/bin/perl D A R K A S S A S S I...

7.1AI score
Exploits0
NVD
NVD
added 2005/05/14 4:0 a.m.12 views

CVE-2005-1586

Quick.Forum 2.1.6 stores potentially sensitive information such as usernames, banned IP addresses, censored words, and backups under the web document root, which allows remote attackers to obtain that information via a direct request to 1 db/users.txt, 2 db/banList.txt, 3 db/censureWords.txt, or ...

5CVSS6.3AI score0.01388EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/05/14 4:0 a.m.16 views

CVE-2005-1586

Quick.Forum 2.1.6 stores potentially sensitive information such as usernames, banned IP addresses, censored words, and backups under the web document root, which allows remote attackers to obtain that information via a direct request to 1 db/users.txt, 2 db/banList.txt, 3 db/censureWords.txt, or ...

6.3AI score0.01388EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/02/26 5:0 a.m.22 views

CVE-2004-1724

The ReadMe First.txt file in PHP-Fusion 4.0 instructs users to set the permissions on the fusionadmin/dbbackups directory to world read/write/execute 777, which allows remote attackers to download or view database backups, which have easily guessable filenames and contain the administrator userna...

6.5AI score0.06934EPSS
Exploits1References4
securityvulns
securityvulns
added 2004/12/16 12:0 a.m.52 views

Asante FM2008 10/100 Ethernet switch backdoor login

The Asante FM2008 is an 8 port managed Ethernet 10/100 switch. It may be managed, like many others in its device class, by Telnet, by serial port, by HTTP, or by SNMP. Also like most similar devices, the serial port, HTTP, and Telnet access methods require one to provide username/password...

0.5AI score
Exploits0
FreeBSD
FreeBSD
added 2002/01/10 12:0 a.m.25 views

nwclient -- multiple vulnerabilities

Insecure file permissions, network access control and DNS usage put systems that use Legato NetWorker at risk. When the software is running, several files that contain sensitive information are created with insecure permissions. The information exposed include passwords and can therefore be used...

6.2AI score
Exploits0References1
Rows per page
Query Builder