3038 matches found
Hardcoded credentials
The response header has not enabled X-FRAME-OPTIONS, Which helps prevents against Clickjacking attack.. Some browsers would interpret these results incorrectly, allowing clickjacking attacks...
Hardcoded credentials
When aborting a SFTP connection, MobaXterm before v22.1 sends a hardcoded password to the server. The server treats this as an invalid login attempt which can result in a Denial of Service DoS for the user if services like fail2ban are used...
PT-2022-5909 · Ami · Ami Megarac Baseboard Management Controller
Name of the Vulnerable Software and Affected Versions: AMI MegaRAC Baseboard Management Controller BMC affected versions not specified Description: The issue is related to the use of hardcoded credentials in the AMI MegaRAC Baseboard Management Controller BMC firmware. An attacker can exploit thi...
CVE-2022-44096
Sanitization Management System v1.0 was discovered to contain hardcoded credentials which allows attackers to escalate privileges and access the admin panel...
CVE-2022-44097
Book Store Management System v1.0 was discovered to contain hardcoded credentials which allows attackers to escalate privileges and access the admin panel...
CVE-2022-44096
Sanitization Management System v1.0 was discovered to contain hardcoded credentials which allows attackers to escalate privileges and access the admin panel...
CVE-2022-44097
Book Store Management System v1.0 was discovered to contain hardcoded credentials which allows attackers to escalate privileges and access the admin panel...
Hardcoded credentials
Sanitization Management System v1.0 was discovered to contain hardcoded credentials which allows attackers to escalate privileges and access the admin panel...
Hardcoded credentials
Book Store Management System v1.0 was discovered to contain hardcoded credentials which allows attackers to escalate privileges and access the admin panel...
CVE-2022-44097
Book Store Management System v1.0 was discovered to contain hardcoded credentials which allows attackers to escalate privileges and access the admin panel...
CVE-2022-44096
Sanitization Management System v1.0 was discovered to contain hardcoded credentials which allows attackers to escalate privileges and access the admin panel...
PT-2022-27108 · Unknown · Sanitization Management System
Name of the Vulnerable Software and Affected Versions: Sanitization Management System version 1.0 Description: The issue concerns hardcoded credentials in the system, allowing attackers to escalate privileges and access the admin panel. Recommendations: For Sanitization Management System version...
PT-2022-27109 · Unknown · Book Store Management System
Name of the Vulnerable Software and Affected Versions: Book Store Management System version 1.0 Description: The issue concerns hardcoded credentials in the system, allowing attackers to escalate privileges and access the admin panel. Recommendations: For Book Store Management System version 1.0,...
CVE-2022-44097
Book Store Management System v1.0 was discovered to contain hardcoded credentials which allows attackers to escalate privileges and access the admin panel...
CVE-2022-44096
CVE-2022-44096 affects Sanitization Management System v1.0. The issue is due to hardcoded credentials in the system, enabling privilege escalation and admin-panel access. Multiple connected sources corroborate the vulnerability, including Red Hat and PT Security, which note credential leakage as ...
CVE-2022-44097
CVE-2022-44097 affects Book Store Management System v1.0. The vulnerability arises from hardcoded credentials in the system, enabling attackers to escalate privileges and gain access to the admin panel. This is supported by multiple connected sources (RH Red Hat, NVD, CNNVD and others) describing...
CVE-2022-44096
Sanitization Management System v1.0 was discovered to contain hardcoded credentials which allows attackers to escalate privileges and access the admin panel...
Hardcoded credentials
RTL8111EP-CG/RTL8111FP-CG DASH function has hard-coded password. An unauthenticated physical attacker can use the hard-coded default password during system reboot triggered by other user, to acquire partial system information such as serial number and server information...
Hardcoded credentials
Browsershot version 3.57.2 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate that the HTML content passed to the Browsershot::html method does not contain URL's that use the file:// protocol...
Hardcoded credentials
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated attackers may view programs and project file or execute programs illegally...