Lucene search
K

5 matches found

Github Security Blog
Github Security Blog
added 2026/02/25 4:0 p.m.8 views

FileBrowser Quantum: Password Protection Not Enforced on Shared File Links

Summary When users share password-protected files, the recipient can completely bypass the password and still download the file. Details This happens because the API returns a direct download link in the details of the share, which is accessible to anyone with JUST THE SHARE LINK, even without th...

7.1CVSS5.5AI score0.00307EPSS
Exploits1References6Affected Software1
Veracode
Veracode
added 2024/12/10 10:36 a.m.6 views

Password Bypass

moodle/moodle is vulnerable to Password Bypass. The vulnerability is due to loose comparison in the password-checking logic, allowing certain "magic hash" values to bypass password restrictions...

5.4CVSS6.8AI score0.00403EPSS
Exploits0References6Affected Software1
Huntr
Huntr
added 2021/10/14 4:41 a.m.7 views

in flatcore/flatcore-cms

Description Use of incorrect operator == and != for pagepsw Proof of Concept If my actual page password is 240610708 then an attacker can key in QLTHNDT because: md5240610708 = 0e462097431906509019562988736854 md5QLTHNDT = 0e405967825401955372549139051580 And PHP will evaluate...

1.1AI score
Exploits0References1
OSV
OSV
added 2021/08/10 11:15 a.m.5 views

CVE-2021-37172

A vulnerability has been identified in SIMATIC S7-1200 CPU family incl. SIPLUS variants V4.5.0. Affected devices fail to authenticate against configured passwords when provisioned using TIA Portal V13. This could allow an attacker using TIA Portal V13 or later versions to bypass authentication an...

7.5CVSS7.2AI score0.00922EPSS
Exploits0References1
NVD
NVD
added 1997/11/26 5:0 a.m.7 views

CVE-1999-1257

Xyplex terminal server 6.0.1S1, and possibly other versions, allows remote attackers to bypass the password prompt by entering 1 a CTRL-Z character, or 2 a ? question mark...

7.5CVSS0.01584EPSS
Exploits0References3
Rows per page
Query Builder