18 matches found
EUVD-2005-1341
Malware in sbrugna...
EUVD-2020-7906
Malware in sbrugna...
CVE-2020-15935
A cleartext storage of sensitive information in GUI in FortiADC versions 5.4.3 and below, 6.0.0 and below may allow a remote authenticated attacker to retrieve some sensitive information such as users LDAP passwords and RADIUS shared secret by deobfuscating the passwords entry fields...
Fortinet FortiWeb Multiple cryptographic flaws allow for full LDAP and RADIUS passwords compromise (FG-IR-20-222)
The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-20-222 advisory. - A missing cryptographic steps vulnerability in the function that encrypts users' LDAP and RADIUS credentials in FortiSandbox...
AVSystem Unified Management Platform Security Vulnerability
AVSystem Unified Management Platform is a comprehensive management platform from AVSystem designed to help enterprises, service providers and carriers manage and monitor their network devices, Internet of Things IoT devices and services. A security vulnerability exists in AVSystem Unified...
CVE-2024-25655
Insecure storage of LDAP passwords in the authentication functionality of AVSystem Unified Management Platform UMP 23.07.0.16567LTS allows members with read access to the application database to decrypt the LDAP passwords of users who successfully authenticate to web management via LDAP...
PT-2022-23181 · Xwiki · Xwiki-Platform-Web-Templates
Name of the Vulnerable Software and Affected Versions: XWiki Platform Web Templates versions prior to 13.10.4 and 14.2 Description: The issue allows access to string and list properties of objects that the user should not have access to, including private personal information like email addresses...
Apache Doris Information Disclosure Vulnerability
Apache Doris is a modern MPP analytics database product from the Apache Foundation, USA. An information disclosure vulnerability exists in versions of Apache Doris prior to 1.0.0, which stems from the use of hard-coded keys and IVs to initialize the cipher used for ldap passwords. An attacker cou...
CVE-2020-15935
A cleartext storage of sensitive information in GUI in FortiADC versions 5.4.3 and below, 6.0.0 and below may allow a remote authenticated attacker to retrieve some sensitive information such as users LDAP passwords and RADIUS shared secret by deobfuscating the passwords entry fields...
Code injection
A cleartext storage of sensitive information in GUI in FortiADC versions 5.4.3 and below, 6.0.0 and below may allow a remote authenticated attacker to retrieve some sensitive information such as users LDAP passwords and RADIUS shared secret by deobfuscating the passwords entry fields...
CVE-2020-15935
A cleartext storage of sensitive information in GUI in FortiADC versions 5.4.3 and below, 6.0.0 and below may allow a remote authenticated attacker to retrieve some sensitive information such as users LDAP passwords and RADIUS shared secret by deobfuscating the passwords entry fields...
CVE-2020-15935
A cleartext storage of sensitive information in GUI in FortiADC versions 5.4.3 and below, 6.0.0 and below may allow a remote authenticated attacker to retrieve some sensitive information such as users LDAP passwords and RADIUS shared secret by deobfuscating the passwords entry fields...
Multiple Products - Retrieval of sensitive information in cleartext via GUI
A cleartext storage of sensitive information in the GUI of FortiADC, FortiSIEM, FortiDDoS, FortiDDoS-CM and FortiDDoS-F may allow a remote authenticated attacker to retrieve some sensitive information such as users LDAP passwords, RADIUS shared secret and the Elastic Cloud database password by...
Barracuda Networks Spam & Virus Firewall <= 4.1.1.021 Remote Configuration Retrieval
No description provided by source. !/bin/bash Exploit by ShadowHatesYou [email protected] The resulting output is an SQL dump containing the Barracuda's configuration, which includes goodies such as: The administrative password for the BSFsystempassword MTA LDAP passwordsmtaldapadvancedpasswor...
Barracuda Networks Spam And Virus Firewall Configuration Retrieval
!/bin/bash Exploit by ShadowHatesYou [email protected] The resulting output is an SQL dump containing the Barracuda's configuration, which includes goodies such as: The administrative password for the BSFsystempassword MTA LDAP passwordsmtaldapadvancedpassword Password for each configured...
Barracuda Networks Spam & Virus Firewall <= 4.1.1.021 Configuration
Exploit for cgi platform in category remote exploits =================================================================== Barracuda Networks Spam & Virus Firewall " echo "" exit; fi; curl http://$1:8000/cgi-mod/viewhelp.cgi?locale=/../../../../../../../mail/snapshot/config.snapshot%00 $1.config ls...
Barracuda Networks Spam & Virus Firewall 4.1.1.021 - Remote Configuration Retrieval
!/bin/bash Exploit by ShadowHatesYou [email protected] The resulting output is an SQL dump containing the Barracuda's configuration, which includes goodies such as: The administrative password for the BSFsystempassword MTA LDAP passwordsmtaldapadvancedpassword Password for each configured...
Barracuda Networks Spam Virus Firewall 4.1.1.021 - Remote Configuration Retrieval
Barracuda Networks Spam Virus Firewall 4.1.1.021 - Remote Configuration Retrieval !/bin/bash Exploit by ShadowHatesYou [email protected] The resulting output is an SQL dump containing the Barracuda's configuration, which includes goodies such as: The administrative password for the...