175 matches found
Lansweeper Unauthenticated SQL Injection
Lansweeper before 7.1.117.4 allows unauthenticated SQL injection. id: CVE-2019-13462 info: name: Lansweeper Unauthenticated SQL Injection author: divyamudgal severity: critical description: Lansweeper before 7.1.117.4 allows unauthenticated SQL injection. impact: | This vulnerability can lead to...
CVE-2026-39031
Lansweeper lsrunase 2.0 and lsencrypt 2.0 use RC4 encryption with a hardcoded 142-byte static key array to encrypt credentials. An 8-character prefix is stored in cleartext alongside the ciphertext. This allows an attacker with local access to recover any encrypted password to plaintext using a...
CVE-2026-39031
The CVE-2026-39031 issue affects Lansweeper lsrunase 2.0 and lsencrypt 2.0. The root cause is RC4 encryption guarded by a hardcoded 142-byte static key array, with an 8-character prefix stored in cleartext alongside the ciphertext. This configuration enables an attacker with local access to recov...
CVE-2026-39031
Lansweeper lsrunase 2.0 and lsencrypt 2.0 use RC4 encryption with a hardcoded 142-byte static key array to encrypt credentials. An 8-character prefix is stored in cleartext alongside the ciphertext. This allows an attacker with local access to recover any encrypted password to plaintext using a...
CVE-2026-39031
Lansweeper lsrunase 2.0 and lsencrypt 2.0 use RC4 encryption with a hardcoded 142-byte static key array to encrypt credentials. An 8-character prefix is stored in cleartext alongside the ciphertext. This allows an attacker with local access to recover any encrypted password to plaintext using a...
EUVD-2015-9106
Malware in sbrugna...
EUVD-2017-5223
Malware in sbrugna...
EUVD-2020-5899
Malware in sbrugna...
EUVD-2017-8015
Malware in sbrugna...
EUVD-2017-18228
Malware in sbrugna...
EUVD-2019-8623
Malware in sbrugna...
EUVD-2022-35639
Malicious code in bioql PyPI...
EUVD-2022-33848
Malicious code in bioql PyPI...
EUVD-2022-35829
Malicious code in bioql PyPI...
EUVD-2022-33145
Malicious code in bioql PyPI...
EUVD-2022-26391
Malicious code in bioql PyPI...
CVE-2020-14011
Lansweeper 6.0.x through 7.2.x has a default installation in which the admin password is configured for the admin account, unless "Built-in admin" is manually unchecked. This allows command execution via the Add New Package and Scheduled Deployments features...
CVE-2020-13658
In Lansweeper 8.0.130.17, the web console is vulnerable to a CSRF attack that would allow a low-level Lansweeper user to elevate their privileges within the application...
CVE-2019-18955
The web console in Lansweeper 7.2.105.2 has XSS via the URL path. Product vulnerability has been fixed and disclosed within changelog as of 02 Dec 2019...
CVE-2019-13462
Lansweeper before 7.1.117.4 allows unauthenticated SQL injection...