Lucene search
+L

2133 matches found

RedHat Linux
RedHat Linux
added 2011/10/17 9:42 p.m.7 views

crypt_blowfish: 8-bit character mishandling allows different password pairs to produce the same hash

cryptblowfish before 1.1, as used in PHP before 5.3.7 on certain platforms, PostgreSQL before 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash...

5CVSS5.8AI score0.04972EPSS
Exploits0References5
seebug.org
seebug.org
added 2011/10/10 12:0 a.m.20 views

ECshop 2.7.2 XSS

简要描述: 过滤不严 详细说明: 缺货登记-联系人处可保存任意脚本 漏洞证明: 脚本可利用privilege.php中update管理员的邮箱,通过找回密码,获取邮箱...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2011/10/02 8:13 p.m.6 views

DarkComet-RAT v4.2 fwb (Firewall bypass)

DarkComet-RAT v4.2 fwb Firewall bypass This version is firewall bypass it will inject to web browsers and bypass firewall rules. Targets are in this order : Firefox, Opera, Chrome, Safari, Internet Explorer and Explorer if all fails normally never then it runs normally. Notice now you can use...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2011/10/02 8:13 p.m.5 views

DarkComet-RAT v4.2 fwb (Firewall bypass)

DarkComet-RAT v4.2 fwb Firewall bypass This version is firewall bypass it will inject to web browsers and bypass firewall rules. Targets are in this order : Firefox, Opera, Chrome, Safari, Internet Explorer and Explorer if all fails normally never then it runs normally. Notice now you can use...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2011/09/30 5:45 p.m.2 views

Russian firm Elcomsoft unveils tool to crack BlackBerry encryption security

Russian firm Elcomsoft unveils tool to crack BlackBerry encryption security A Russian security company has upgraded a phone-password cracking suite with the ability to figure out the master device password for Research in Motion's BlackBerry devices. Elcomsoft said that before it developed the...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2011/09/30 5:45 p.m.7 views

Russian firm Elcomsoft unveils tool to crack BlackBerry encryption security

Russian firm Elcomsoft unveils tool to crack BlackBerry encryption security A Russian security company has upgraded a phone-password cracking suite with the ability to figure out the master device password for Research in Motion's BlackBerry devices. Elcomsoft said that before it developed the...

6.7AI score
Exploits0
seebug.org
seebug.org
added 2011/09/13 12:0 a.m.18 views

shopex密码取回处新生成密码可预测漏洞

简要描述: shopex在找回密码的地方存在一些逻辑设计问题,导致可以预测新生成的密码,可能被用来攻击获取他人密码 详细说明: 相关代码 /core/shop/controller/ctl.passport.php中: function sendPSW $this-begin$this-system-mkUrl'passport','lost'; $member=&$this-system-loadModel'member/member'; $data=$member-getMemberByUser$POST'uname';...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2011/06/16 6:46 a.m.2 views

PayPal vulnerability : Hack any Paypal account within 30 seconds

PayPal vulnerability : Hack any Paypal account within 30 seconds UPDATE : This has been debunked, Paypal accounts are safe. https://thenextweb.com have spoken in depth to Matt Langley, the person who discovered the supposed issue, and it's clear why he assumed there was a serious security breach...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2011/06/02 12:38 p.m.13 views

Facebook Password Extractor - Get passwords stored in Web browsers

Facebook Password Extractor - Get passwords stored in Web browsers Facebook Password Extractor is a free tool to recover passwords to Facebook accounts that are stored or cached in popular Web browsers. Supporting the latest versions of Microsoft Internet Explorer, Mozilla Firefox, Apple Safari,...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2011/05/27 6:28 p.m.31 views

Vendor's List Of Backdoor Accounts Leaked Online

An internal document listing the backdoor accounts for switches manufactured by networking equipment vendor Allied Telesis was circulating online Friday, a day after an internal support page providing instructions on accessing hard coded back door accounts in the company’s products was found to b...

7AI score
Exploits0References3
The Hacker News
The Hacker News
added 2011/04/08 11:19 a.m.8 views

Cain & Abel 4.9.40 released , Download now !

Cain & Abel 4.9.40 released , Download now ! Cain & Abel is a password recovery tool for Microsoft operating systems.It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using dictionary and brute force attacks, decoding scrambled passwords,...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2011/03/23 12:0 a.m.44 views

MC Content Manager 10.1.1 Cross Site Scripting

Hello list! I want to warn you about Cross-Site Scripting, Abuse of Functionality and Insufficient Anti-automation vulnerabilities in MC Content Manager. It's Ukrainian commercial CMS. ------------------------- Affected products: ------------------------- Vulnerable are potentially all versions o...

0.1AI score
Exploits0
The Hacker News
The Hacker News
added 2011/03/03 11:8 a.m.14 views

Cain & Abel v4.9.39 updated version Download !

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords,...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2011/02/10 4:2 p.m.9 views

How to Recover iPhone Passwords in Six Minutes

Smartphone security has jumped to the top of the list of concerns for many IT security staffs and one of the main reasons for that is the epidemic of lost and stolen smartphones. Many of those devices have only minimal password protection, and now researchers in Germany have devised a new techniq...

7.2AI score
Exploits0References2
The Hacker News
The Hacker News
added 2011/01/01 12:19 p.m.21 views

The Blackbuntu Community Edition Download !

The Blackbuntu Community Edition is a Linux Live-CD based on Ubuntu 10.10 which was specially designed for security training students and practitioners of information security. Another tool for penetration testers collection that could be considered as a competition for Pentoo. It supports the...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2010/12/13 5:10 p.m.14 views

Gawker Roadkill? How To Find Out and Recover

CLARIFICATION: This story corrects information concerning the availability of the stolen account names and passwords online. Millions of Web users are waking up to news that broke over the weekend that systems belonging to Gawker Media were hacked and password data on millions of user accounts...

6.9AI score
Exploits0References8
exploitpack
exploitpack
added 2010/05/08 12:0 a.m.9 views

GeoHttpServer - Remote Denial of Service

GeoHttpServer - Remote Denial of Service !/usr/bin/perl Exploit Title: GeoHttpServer remote DoS Date: 7-5-2010 Author: aviho1 vendor: GeoVision Version: all info: the password recovery page does not properly validate user-supplied password ,causing a dos. use IO::Socket; my $host = shift ||...

7.4AI score
Exploits0
myhack58
myhack58
added 2010/03/21 12:0 a.m.14 views

ubuntu 9.10 forget the root password solution-vulnerability warning-the black bar safety net

This method is applicable to the can physical contact with the machine. 1. Boot hold down the Shift key to enter Grub menu. 2. Press e to modify the first“Ubuntu, 2.6. xxx-generic” 3. Modify the penultimate line 2,“linux /boot/vmlinuz... ro quiet splash”to“linux /boot/vmlinuz... rw single...

1.2AI score
Exploits0
NVD
NVD
added 2009/09/09 5:30 p.m.17 views

CVE-2008-7188

ClipShare 2.6 does not properly restrict access to certain functionality, which allows remote attackers to change the profile of arbitrary users via a modified uid variable to siteadmin/useredit.php. NOTE: this can be used to recover the password of the user by using the modified e-mail address i...

7.5CVSS6.9AI score0.023EPSS
Exploits1References4
CVE
CVE
added 2009/09/09 5:0 p.m.42 views

CVE-2008-7188

CVE-2008-7188 affects ClipShare 2.6, where an attacker can bypass access restrictions by altering a uid parameter in siteadmin/useredit.php to modify arbitrary user profiles. This can be combined with using the manipulated email to trigger recoverpass.php, potentially recovering a user’s password...

7.5CVSS7.1AI score0.023EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder