2 matches found
CVE-2026-41930 Vvveb < 1.0.8.2 Hard-coded Credentials Information Disclosure via phpMyAdmin
Vvveb before version 1.0.8.2 contains a hard-coded credentials vulnerability in its docker-compose-apache.yaml configuration that allows unauthenticated attackers to access the bundled phpMyAdmin container with pre-configured database credentials. Attackers can connect to the phpMyAdmin port to...
CVE-2025-56157
Default credentials in Dify thru 1.5.1. PostgreSQL username and password specified in the docker-compose.yaml file included in its source code. NOTE: the Supplier reports that the Docker configuration does not make PostgreSQL on TCP port 5432 exposed by default in version 1.0.1 or later...