QloApps 安全漏洞

QloApps is an open-source hotel management and reservation system developed by QloApps. Versions of QloApps 1.7.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the use of MD5 for password hashing in the Tools.php file. Weak encryption algorithms allowed...

CVE-2026-44611 MacGregor Voyage Data Recorder (VDR) G4e Use of Password Hash With Insufficient Computational Effort

Danelec MacGregor Voyage Data Recorder passwords are stored with a hashing method which limits password length and is susceptible to brute force attacks...

CVE-2026-30790

...

PT-2026-23455

Authentication Bypass by Capture-replay, Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android Client login, peer authentication modules allows Reusing Session IDs aka Session Replay. Thi...

CVE-2025-46413

Use of password hash with insufficient computational effort issue exists in BUFFALO Wi-Fi router 'WSR-1800AX4 series'. When WPS is enabled, PIN code and/or Wi-Fi password may be obtained by an attacker...

BUFFALO WSR-1800AX4 Series 安全漏洞

BUFFALO WSR-1800AX4 Series is a series of WiFi routers from BUFFALO Japan. A security vulnerability exists in the BUFFALO WSR-1800AX4 Series that stems from an insufficient password hash calculation, which could lead to the PIN and Wi-Fi password being obtained by an attacker...

EUVD-2017-18566

Malware in sbrugna...

EUVD-2012-4824

Malware in sbrugna...

XXL-JOB 安全漏洞

XXL-JOB is a distributed task scheduling platform by the individual developer Xu Xueli xuxueli. A security vulnerability exists in XXL-JOB 3.1.1 and earlier versions, which stems from an insufficient password hash calculation in the Token generation component...

DEBIAN-CVE-2024-23091

Weak password hashing using MD5 in funzioni.php in HotelDruid before 1.32 allows an attacker to obtain plaintext passwords from hash values...

CVE-2020-17494

Untangle Firewall NG before 16.0 uses MD5 for passwords...

WordPress Information Disclosure Vulnerability (CNVD-2017-35575)

WordPress is a blogging platform developed using the PHP language by the WordPress Software Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security vulnerability exists in WordPress 4.8.2 and earlier versions that stems from the program's use of ...

The vulnerability of the “ACTConfig” configuration file of the ABB PCM600 energy management and configuration tool allows a hacker to crack the password and gain access to the main application.

The vulnerability of the “ACTConfig” configuration file of the ABB PCM600 energy management and configuration tool is related to insufficient calculation of the password hash using a unreliable function with a hard-coded key and initialization vector. Exploiting this vulnerability allows an...

cumin: weak password hashing

Cumin aka MRG Management Console, as used in Red Hat Enterprise MRG 2.5, uses the DES-based crypt function to hash passwords, which makes it easier for attackers to obtain sensitive information via a brute-force attack...