889 matches found

CNVD
added 2020/07/20 12:0 a.m., 1 views

Online Trade - Online trading and cryptocurrency investment system security breach

Online Trade - Online trading and cryptocurrency investment system is an online forex and currency trading system developed using the Laravel framework. A security vulnerability exists in Online Trade - Online trading and cryptocurrency investment system. A remote attacker can exploit this...

6.7 AI score
Exploits: 0, References: 1

CNVD
added 2020/07/17 12:0 a.m., 1 views

Online Trade - Online trading and cryptocurrency investment system security breach

Brynamics Online Trade is a system for trading cryptocurrencies online. A security vulnerability exists in Brynamics Online Trade. A remote attacker can exploit this vulnerability by making a direct request to /dashboard/addplan, /dashboard/paywithcard/charge, /dashboard/withdrawal, or...

6.8 AI score
Exploits: 0, References: 1

CNVD
added 2020/06/18 12:0 a.m., 1 views

Online Trade - Online trading and cryptocurrency investment system security breach

Online Trade - Online trading and cryptocurrency investment system is an online foreign exchange and currency trading system developed using the Laravel framework. A security vulnerability exists in Online Trade - Online trading and cryptocurrency investment system. A remote attacker can...

6.7 AI score
Exploits: 0

ThreatPost
added 2020/06/03 8:37 p.m., 67 views

Attackers Target 1M+ WordPress Sites To Harvest Database Credentials

Attackers were spotted targeting over one million WordPress websites in a campaign over the weekend. The campaign unsuccessfully attempted to exploit old cross-site scripting (XSS) vulnerabilities in WordPress plugins and themes, with the goal of harvesting database credentials. The attacks were...

7.5 CVSS, 0.9 AI score, 0.55008 EPSS
Exploits: 10, References: 10

CNVD
added 2020/05/28 12:0 a.m., 1 views

Anchore Engine Command Execution Vulnerability

Anchore Engine is an open source service from US-based Anchore that analyzes Docker images and applies user-defined acceptance policies to allow automated container image validation and authentication. A security vulnerability exists in Anchore Engine version 0.7.0. An attacker can exploit the...

9.9 CVSS, 7.1 AI score, 0.01836 EPSS
Exploits: 0, References: 1

CNVD
added 2020/05/27 12:0 a.m., 1 views

ThinkPHP has an information leakage vulnerability

ThinkPHP is an open-source PHP framework with an MVC structure, developed and maintained by the Shanghai Top Thinking company. ThinkPHP suffers from an information disclosure vulnerability. Attackers can use this vulnerability to obtain the database account and password, and successfully connect to...

6.5 AI score
Exploits: 0

OSV
added 2020/05/07 1:15 p.m., 2 views

CVE-2019-18868

Blaauw Remote Kiln Control through v3.00r4 allows an unauthenticated attacker to access MySQL credentials in cleartext in /engine/db.inc, /lang/nl.bak, or /lang/en.bak...

9.8 CVSS, 7.3 AI score, 0.00841 EPSS
Exploits: 1, References: 2

OSV
added 2020/04/10 7:15 p.m., 3 views

CVE-2020-5406

VMware Tanzu Application Service for VMs, 2.6.x versions prior to 2.6.18, 2.7.x versions prior to 2.7.11, and 2.8.x versions prior to 2.8.5, includes a version of PCF Autoscaling that writes database connection properties to its log, including database username and password. A malicious user with...

6.5 CVSS, 5.8 AI score, 0.01004 EPSS
Exploits: 0, References: 1

Prion
added 2020/04/10 7:15 p.m., 14 views

Default credentials

VMware Tanzu Application Service for VMs, 2.6.x versions prior to 2.6.18, 2.7.x versions prior to 2.7.11, and 2.8.x versions prior to 2.8.5, includes a version of PCF Autoscaling that writes database connection properties to its log, including database username and password. A malicious user with...

4 CVSS, 6.5 AI score, 0.01004 EPSS
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2020/04/10 6:50 p.m., 15 views

CVE-2020-5406 PCF Autoscaling logs its database credentials

VMware Tanzu Application Service for VMs, 2.6.x versions prior to 2.6.18, 2.7.x versions prior to 2.7.11, and 2.8.x versions prior to 2.8.5, includes a version of PCF Autoscaling that writes database connection properties to its log, including database username and password. A malicious user with...

6.6 AI score, 0.01004 EPSS
Exploits: 0, References: 1

Tenable Nessus
added 2020/02/21 12:0 a.m., 180 views

WordPress Plugin 'Duplicator' < 1.3.28 Unauthenticated Arbitrary File Download

The WordPress application running on the remote host has a version of the 'Duplicator' plugin that is prior to 1.3.28 and, thus, is affected by an unauthenticated arbitrary file download vulnerability that can allow attackers to download 'wp-config.php' and steal database credentials. C Tenab...

7.5 CVSS, 7.8 AI score, 0.97822 EPSS
Exploits: 11, References: 2

Packet Storm
added 2020/01/28 12:0 a.m., 140 views

Centreon 19.10.5 Credential Disclosure

Exploit Title: Centreon 19.10.5 - Database Credentials Disclosure Date: 2020-01-27 Exploit Author: Fabien AUNAY, Omri Baso Vendor Homepage: https://www.centreon.com/ Software Link: https://github.com/centreon/centreon Version: 19.10.5 Tested on: CentOS 7 CVE : - Centreon 19.10.5 Database...

7.4 AI score
Exploits: 0

0day.today
added 2020/01/28 12:0 a.m., 110 views

Centreon 19.10.5 - Database Credentials Disclosure Vulnerability

Exploit for php platform in category web applications Exploit Title: Centreon 19.10.5 - Database Credentials Disclosure Exploit Author: Fabien AUNAY, Omri Baso Vendor Homepage: https://www.centreon.com/ Software Link: https://github.com/centreon/centreon Version: 19.10.5 Tested on: CentOS 7 CVE :...

7.1 AI score
Exploits: 0

exploitpack
added 2020/01/28 12:0 a.m., 39 views

Centreon 19.10.5 - Database Credentials Disclosure

Centreon 19.10.5 - Database Credentials Disclosure Exploit Title: Centreon 19.10.5 - Database Credentials Disclosure Date: 2020-01-27 Exploit Author: Fabien AUNAY, Omri Baso Vendor Homepage: https://www.centreon.com/ Software Link: https://github.com/centreon/centreon Version: 19.10.5 Tested on:...

7.4 AI score
Exploits: 0

Exploit DB
added 2020/01/28 12:0 a.m., 357 views

Centreon 19.10.5 - Database Credentials Disclosure

Exploit Title: Centreon 19.10.5 - Database Credentials Disclosure Date: 2020-01-27 Exploit Author: Fabien AUNAY, Omri Baso Vendor Homepage: https://www.centreon.com/ Software Link: https://github.com/centreon/centreon Version: 19.10.5 Tested on: CentOS 7 CVE : - Centreon 19.10.5 Database...

7.4 AI score
Exploits: 0

CNVD
added 2019/11/13 12:0 a.m., 3 views

Unspecified Vulnerability in Aruba Networks ClearPass Policy Manager

Aruba Networks ClearPass is an access management system from Aruba Networks that integrates network control, application, and device management capabilities. Policy Manager is one of the policy managers. An unspecified vulnerability exists in Aruba Networks ClearPass Policy Manager. An attacker...

10 CVSS, 6.8 AI score, 0.01387 EPSS
Exploits: 0, References: 1

OSV
added 2019/11/06 3:15 p.m., 3 views

CVE-2016-4401

Aruba ClearPass Policy Manager before 6.5.7 and 6.6.x before 6.6.2 allows attackers to obtain database credentials...

9.8 CVSS, 5.8 AI score, 0.01387 EPSS
Exploits: 0, References: 1

NVD
added 2019/11/06 3:15 p.m., 12 views

CVE-2016-4401

Aruba ClearPass Policy Manager before 6.5.7 and 6.6.x before 6.6.2 allows attackers to obtain database credentials...

10 CVSS, 9.4 AI score, 0.01387 EPSS
Exploits: 0, References: 1

Prion
added 2019/11/06 3:15 p.m., 14 views

Command injection

Aruba ClearPass Policy Manager before 6.5.7 and 6.6.x before 6.6.2 allows attackers to obtain database credentials...

10 CVSS, 7 AI score, 0.01387 EPSS
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2019/11/06 2:32 p.m., 16 views

CVE-2016-4401

Aruba ClearPass Policy Manager before 6.5.7 and 6.6.x before 6.6.2 allows attackers to obtain database credentials...

9.4 AI score, 0.01387 EPSS
Exploits: 0, References: 1