Lucene search
K

29 matches found

OSV
OSV
added 2021/01/13 4:15 p.m.4 views

CVE-2021-3131

The Web server in 1C:Enterprise 8 before 8.3.17.1851 sends base64 encoded credentials in the creds URL parameter...

7.5CVSS5.8AI score0.00954EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2020/06/05 12:0 a.m.425 views

Avaya IP Office 11 Insecure Transit / Password Disclosure

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AVAYA-IP-OFFICE-INSECURE-TRANSIT-PASSWORD-DISCLOSURE.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.avaya.com Product Avaya IP Office v9.1.8.0 - 11 IP Office...

2.1CVSS0.01EPSS
Exploits3
OSV
OSV
added 2019/07/03 8:15 p.m.4 views

CVE-2017-13719

The Amcrest IPM-721S AmcrestIPC-AWXXEngNV2.420.AC00.17.R.20170322 allows HTTP requests that permit enabling various functionalities of the camera by using HTTP APIs, instead of the web management interface that is provided by the application. This HTTP API receives the credentials as base64 encod...

9.8CVSS6.3AI score0.0446EPSS
Exploits1References3
Prion
Prion
added 2019/07/03 8:15 p.m.18 views

Stack overflow

The Amcrest IPM-721S AmcrestIPC-AWXXEngNV2.420.AC00.17.R.20170322 allows HTTP requests that permit enabling various functionalities of the camera by using HTTP APIs, instead of the web management interface that is provided by the application. This HTTP API receives the credentials as base64 encod...

7.5CVSS9.8AI score0.0446EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2019/05/15 2:29 p.m.4 views

CVE-2016-10719

TP-Link Archer CR-700 1.0.6 devices have an XSS vulnerability that can be introduced into the admin account through a DHCP request, allowing the attacker to steal the cookie information, which contains the base64 encoded username and password...

6.1CVSS5.8AI score0.00978EPSS
Exploits1References1
CNVD
CNVD
added 2018/12/21 12:0 a.m.4 views

D-Link myDlink Baby App Information Disclosure Vulnerability

D-Link myDlink Baby App is an application from AUO D-Link for managing and controlling D-Link baby monitors. The information disclosure vulnerability in the D-Link myDlink Baby App version 2.04.06 arises from the fact that when an operation is performed using the app e.g., modifying the camera...

7CVSS6.1AI score0.0063EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2018/12/20 12:0 a.m.5 views

PT-2018-3886 · D Link · D-Link 825L +1

Name of the Vulnerable Software and Affected Versions: D-Link myDlink Baby App version 2.04.06 D-Link 825L firmware 1.08 Description: The issue concerns the communication between the myDlink Baby App and the D-Link 825L Wi-Fi camera, where credentials, including username and password, are sent in...

7CVSS6.5AI score0.0063EPSS
Exploits1References3
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

IBM Tivoli Endpoint 4.1.1 - Remote SYSTEM Exploit

No description provided by source. !/usr/bin/python tiv-sys.py IBM Tivoli Endpoint 4.1.1 Remote SYSTEM Exploit Jeremy Brown 0xjbrown41-gmail-com June 2011 Discovered by: Brian Adeloye of Tenable Network Security This exploit makes use of two vulnerabilities: 1 Base64 authentication credentials...

7.1AI score
Exploits0
0day.today
0day.today
added 2012/11/29 12:0 a.m.20 views

Network Shutdown Module 3.21 Remote PHP Code Injection

This Metasploit module exploits a vulnerability in lib/dbtools.inc which uses unsanitized user input inside a eval call. Additionally the base64 encoded user credentials are extracted from the database of the application. Please note that in order to be able to steal credentials, the vulnerable...

6.8AI score
Exploits0
Rows per page
Query Builder