Lucene search
K

340 matches found

Cvelist
Cvelist
added 2023/08/18 9:47 p.m.20 views

CVE-2023-40173 Unsalted passwords in fobybus/social-media-skeleton

Social media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. Prior to version 1.0.5 Social media skeleton did not properly salt passwords leaving user passwords susceptible to cracking should an attacker gain access to hashed passwords...

7.5CVSS7.8AI score0.00535EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/08/18 9:47 p.m.11 views

CVE-2023-40173 Unsalted passwords in fobybus/social-media-skeleton

Social media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. Prior to version 1.0.5 Social media skeleton did not properly salt passwords leaving user passwords susceptible to cracking should an attacker gain access to hashed passwords...

7.5CVSS7.6AI score0.00535EPSS
Exploits0References3
Exploit DB
Exploit DB
added 2023/04/20 12:0 a.m.474 views

Franklin Fueling Systems TS-550 - Default Password

Exploit Title: Franklin Fueling Systems TS-550 - Default Password Date: 4/16/2023 Exploit Author: parsa rezaie khiabanloo Vendor Homepage: Franklin Fueling Systems http://www.franklinfueling.com/ Version: TS-550 Tested on: Linux/Androidtermux Step 1 : attacker can using these dorks and access to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/07 12:0 a.m.182 views

Franklin Fueling Systems TS-550 - Exploit and Default Password

Exploit Title: Franklin Fueling Systems TS-550 - Exploit and Default Password Date: 3/11/2023 Exploit Author: parsa rezaie khiabanloo Vendor Homepage: Franklin Fueling Systems http://www.franklinfueling.com/ Version: TS-550 Tested on: Linux/Androidtermux Step 1 : attacker can using these dorks an...

7.4AI score
Exploits0
Vulnrichment
Vulnrichment
added 2023/04/04 12:0 a.m.6 views

CVE-2023-26855

The hashing algorithm of ChurchCRM v4.5.3 utilizes a non-random salt value which allows attackers to use precomputed hash tables or dictionary attacks to crack the hashed passwords...

6.8AI score0.00729EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/01/20 12:0 a.m.6 views

HCL Technologies BigFix Mobile/Modern Client Management 安全漏洞

HCL Technologies BigFix Mobile/Modern Client Management is a mobile device management software client from HCL Technologies. A security vulnerability exists in HCL BigFix Mobile/Modern Client Management, which arises from a brute-force cracking of passwords in the configuration interface...

7.5CVSS7.3AI score0.00346EPSS
Exploits0References2
Malwarebytes
Malwarebytes
added 2023/01/13 4:45 p.m.9 views

US Department of the Interior's passwords "easily cracked"

It's bad news for the US Department of the Interior--a Government watchdogs security audit has revealed its passwords are simply not up to the job of warding off cracking attempts. The audit's wordy title was not kind: P@s$w0rds at the U.S. Department of the Interior: Easily Cracked Passwords, La...

0.3AI score
Exploits0
CNNVD
CNNVD
added 2022/11/30 12:0 a.m.4 views

Book Store Management System 访问控制错误漏洞

Book Store Management System is an online bookstore system by Carlo Montero Personal Developer. An access control error vulnerability exists in Book Store Management System version 1.0. An attacker could exploit this vulnerability to crack passwords and obtain sensitive information...

7.5CVSS6.3AI score0.01211EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/11/25 12:0 a.m.6 views

Web Based Quiz System 安全漏洞

Web Based Quiz System is a web based quiz system for janobe individual developers. A vulnerability exists in Web Based Quiz System v1.0, which can be exploited by attackers to obtain a user's password via brute-force cracking...

7.5CVSS6.9AI score0.00442EPSS
Exploits1References2
Kitploit
Kitploit
added 2022/08/31 12:30 p.m.70 views

Awesome-Password-Cracking - A Curated List Of Awesome Tools, Research, Papers And Other Projects Related To Password Cracking And Password Security

A curated list of awesome tools, research, papers and other projects related to password cracking and password security. Read the guidelines before contributing! In short: List is alphabetically sorted If in doubt, use awesome-lint If you think an item shouldn't be here open an issue Books Hash...

7.3AI score
Exploits0References92
CNNVD
CNNVD
added 2022/06/23 12:0 a.m.5 views

Secheron SEPCOS Control and Protection Relay 安全漏洞

Secheron SEPCOS Control and Protection Relay is a relay from Secheron. Control and protect your DC panels and contact lines from short circuits and other electrical faults, and benefit from enhanced communication capabilities.The Secheron SEPCOS Control and Protection Relay is vulnerable to an...

6.5CVSS5.6AI score0.00723EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/05/10 12:0 a.m.3 views

PT-2022-3434 · Siemens · Desigo Pxc4 +3

Name of the Vulnerable Software and Affected Versions: Desigo DXR2 versions prior to V01.21.142.5-22 Desigo PXC3 versions prior to V01.21.142.4-18 Desigo PXC4 versions prior to V02.20.142.10-10884 Desigo PXC5 versions prior to V02.20.142.10-10884 Description: A vulnerability has been identified i...

6.8CVSS6.4AI score0.0045EPSS
Exploits0References5
Kitploit
Kitploit
added 2022/04/05 12:30 p.m.24 views

DarthSidious - Building An Active Directory Domain And Hacking It

The goal is simple To share my modest knowledge about hacking Windows systems. This is commonly refered to as red team exercises. This book however, is also very concerned with the blue team; the defenders. That is, helping those who are working as defenders, analysts and security experts to buil...

7.3AI score
Exploits0References6
OSV
OSV
added 2022/03/09 6:15 p.m.7 views

CVE-2022-0022

Usage of a weak cryptographic algorithm in Palo Alto Networks PAN-OS software where the password hashes of administrator and local user accounts are not created with a sufficient level of computational effort, which allows for password cracking attacks on accounts in normal non-FIPS-CC operationa...

4.4CVSS5.8AI score0.00125EPSS
Exploits0References1
CVE
CVE
added 2022/03/09 5:35 p.m.107 views

CVE-2022-0022

CVE-2022-0022 affects PAN-OS: the password hashes for administrator and local user accounts are generated with a weak cryptographic algorithm in non-FIPS-CC mode, enabling hash cracking if hashes are obtained from PAN-OS configuration. Affected are PAN-OS 8.1 before 8.1.21; all 9.0; 9.1 before 9....

4.6CVSS4.7AI score0.00125EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/03/09 5:0 p.m.5 views

CVE-2022-0022

Usage of a weak cryptographic algorithm in Palo Alto Networks PAN-OS software where the password hashes of administrator and local user accounts are not created with a sufficient level of computational effort, which allows for password cracking attacks on accounts in normal non-FIPS-CC operationa...

4.6CVSS5.5AI score0.00125EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/03/09 12:0 a.m.47 views

Palo Alto Networks PAN-OS 8.1.x < 8.1.21 / 9.0.x < 9.1.11 / 9.1.x < 9.1.11 / 10.0.x < 10.0.7 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 8.1.x prior to 8.1.21 or 9.0.x prior to 9.1.11 or 9.1.x prior to 9.1.11 or 10.0.x prior to 10.0.7. It is, therefore, affected by a vulnerability. - Usage of a weak cryptographic algorithm in Palo Alto Networks PAN-OS software...

4.6CVSS5.2AI score0.00125EPSS
Exploits0References3
NVD
NVD
added 2022/02/18 6:15 p.m.31 views

CVE-2022-21800

MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 uses the MD5 algorithm to hash the passwords before storing them but does not salt the hash. As a result, attackers may be able to crack the hashed...

6.5CVSS0.00513EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2021/11/29 8:3 a.m.28 views

CVE-2021-43332

A flaw was found in mailman, where the CSRF token for the Cgi/admindb.py admindb page contains an encrypted version of the list admin password. This flaw could potentially allow cracking of the password by a moderator utilizing an offline brute-force attack...

6.5CVSS5.3AI score0.01072EPSS
Exploits0References4
Gitee
Gitee
added 2021/11/18 11:7 p.m.3 views

K8tools

It is an offensive tool for web application exploitation. The repository, K8tools, contains a collection of tools for various purposes, including internal penetration, privilege escalation, remote overflow, vulnerability exploitation, scanning, password cracking, and evasion. The primary focus is...

7.2AI score
Exploits0
Rows per page
Query Builder