Lucene search
K

40 matches found

Hacker One
Hacker One
added 2021/05/07 7:1 p.m.117 views

Sifchain: A password in plain text in conf file

I found a password in plain text in \sifnode-develop\ui\e2e\config.js in the source code. password: "coolguy21" Impact I don't know actually how does this affects but passwords in plaintexts are always dangerous...

7AI score
Exploits0
CNNVD
CNNVD
added 2021/02/15 12:0 a.m.7 views

Mutare Voice Security Feature Issue Vulnerability

A security signature issue vulnerability exists in Mutare Voice EVM 3.x before 3.3.8, which originates when password information is displayed in plaintext on an external system...

4.9CVSS5.8AI score0.00511EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/02/10 12:0 a.m.9 views

FiberHome HG6245D devices 加密问题漏洞

The HG6245D is an FTTH ONT router from FiberHome. The FiberHome HG6245D suffers from a password plaintext storage vulnerability. An attacker can exploit this vulnerability to obtain passwords in plaintext...

7.5CVSS7.1AI score0.1818EPSS
Exploits1References2
CNVD
CNVD
added 2020/11/13 12:0 a.m.4 views

Palo Alto Networks PAN-OS Log Message Disclosure Vulnerability (CNVD-2020-63187)

Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks for its firewall appliances. Palo Alto Networks PAN-OS suffers from a log message disclosure vulnerability that stems from the fact that a proxy server's password may be displayed in plaintext when using the CLI,...

3.3CVSS6.7AI score0.0034EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/10/10 12:0 a.m.5 views

PT-2020-20008 · Nextcloud +2 · Nextcloud Server +2

Name of the Vulnerable Software and Affected Versions: Nextcloud Server version 19.0.0 Description: A logic error caused the plaintext storage of the share password when it was given on the initial create API call. Recommendations: For Nextcloud Server version 19.0.0, update to a version that fix...

9CVSS5.8AI score0.04419EPSS
Exploits15References58
CNVD
CNVD
added 2019/07/22 12:0 a.m.5 views

Dell EMC Unity and UnityVSA Security Bypass Vulnerability

Dell EMC Unity and UnityVSA are both products of Dell, Inc.Dell EMC Unity is a unified storage array product.UnityVSA is a set of virtual Unity storage environments. A security vulnerability exists in Dell EMC Unity prior to version 5.0.0.0.5.116 and UnityVSA prior to version 5.0.0.0.5.116, which...

7.8CVSS6.7AI score0.00336EPSS
Exploits0References1
CNVD
CNVD
added 2018/05/30 12:0 a.m.4 views

D-Link DIR-815 Information Disclosure Vulnerability

D-Link DIR-815 is a wireless router product from AUO D-Link. An information disclosure vulnerability exists in the D-Link DIR-815 with firmware prior to version 2.07.B01, which originates from the program storing the administrative password in plaintext. A remote attacker could exploit this...

9.8CVSS9.2AI score0.02151EPSS
Exploits0References1
CNVD
CNVD
added 2017/11/16 12:0 a.m.6 views

PSFTPd Windows FTP Server Password Plaintext Vulnerability

PSFTPd Windows FTP Server is a suite of FTP server software. The software supports protocols such as FTP, FTPS and SFTP. A password plaintext vulnerability exists in PSFTPd Windows FTP Server version 10.0.4 Build 729. An attacker can exploit this vulnerability to hide information in log files,...

5.3CVSS6.7AI score0.00561EPSS
Exploits4References1
OSV
OSV
added 2017/08/07 3:1 p.m.5 views

USN-3379-1 shotwell vulnerability

It was discovered that Shotwell is vulnerable to an information disclosure in the web publishing plugins resulting in potential password and oauth token plaintext transmission...

7.5CVSS7.1AI score0.01209EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2017/07/13 8:0 p.m.16 views

CVE-2017-1000024

Shotwell version 0.24.4 or earlier and 0.25.3 or earlier is vulnerable to an information disclosure in the web publishing plugins resulting in potential password and oauth token plaintext transmission...

7.5CVSS7.4AI score0.01209EPSS
Exploits0
CNVD
CNVD
added 2016/10/18 12:0 a.m.2 views

China Mobile 139 Mailbox Android V6.6.1 suffers from gesture password plaintext storage vulnerability

139 Mailbox APP is a general-purpose mailbox client launched by China Mobile. A vulnerability exists in the plaintext storage of gesture passwords in China Mobile 139 Mailbox Android V6.6.1. Since the user's gesture password storage is not encrypted, an attacker can utilize the vulnerability to...

6.7AI score
Exploits0
CNVD
CNVD
added 2016/04/16 12:0 a.m.9 views

Accuenergy Acuvim II and IIR AXN-NET Module Information Disclosure Vulnerability

Accuenergy Acuvim II and IIR are Accuenergy's multi-function network power meters that provide power parameter measurement, four-quadrant power metering, and out-of-limit alarms.AXN-NET is one of the Ethernet module accessories. The AXN-NET module of the Accuenergy Acuvim II and IIR stores mail...

7.5CVSS6.9AI score0.01522EPSS
Exploits0References1
exploitpack
exploitpack
added 2010/02/24 12:0 a.m.27 views

Softbiz Classifieds PLUS - Multiple SQL Injections

Softbiz Classifieds PLUS - Multiple SQL Injections ----------------------------Information------------------------------------------------ +Name : Softbiz Classifieds PLUS SQL Injection gallery.php +Autor : Easy Laster +Date : 25.02.2010 +Script : Softbiz Classifieds PLUS +Price : 99$ +Language :...

0.7AI score
Exploits0
seebug.org
seebug.org
added 2008/12/10 12:0 a.m.14 views

HTMPL 1.11 (htmpl_admin.cgi help) Command Execution Vulnerability

No description provided by source. Software : HTMPL v1.11 Download Link : http://vmeste.org/templex/doc/1.html Vulnrability : Command Execution Severity : High Author : ZeN Website : http://dusecurity.com / http://darkcode.me/ Exploit : site.com/cgi-bin/htmpladmin.cgi?help=|cat /etc/passwd A few...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2005/06/14 4:0 a.m.36 views

CVE-2005-1760

sysreport 1.3.15 and earlier includes contents of the up2date file in a report, which leaks the password for a proxy server in plaintext and allows local users to gain privileges...

6.5AI score0.01971EPSS
Exploits0References6
NVD
NVD
added 2002/10/04 4:0 a.m.18 views

CVE-2002-1097

Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.2, allows restricted administrators to obtain certificate passwords that are stored in plaintext in the HTML source code for Certificate Management pages...

7.5CVSS6.3AI score0.01133EPSS
Exploits0References3
NVD
NVD
added 2001/09/10 4:0 a.m.24 views

CVE-2001-1404

Bugzilla before 2.14 stores user passwords in plaintext and sends password requests in an email message, which could allow attackers to gain privileges...

7.5CVSS6.9AI score0.01126EPSS
Exploits0References3
Cvelist
Cvelist
added 2000/07/12 4:0 a.m.37 views

CVE-2000-0402

The Mixed Mode authentication capability in Microsoft SQL Server 7.0 stores the System Administrator sa account in plaintext in a log file which is readable by any user, aka the "SQL Server 7.0 Service Pack Password" vulnerability...

7.1AI score0.90609EPSS
Exploits7References3
ATTACKERKB
ATTACKERKB
added 2000/05/30 4:0 a.m.4 views

CVE-2000-0402

The Mixed Mode authentication capability in Microsoft SQL Server 7.0 stores the System Administrator sa account in plaintext in a log file which is readable by any user, aka the "SQL Server 7.0 Service Pack Password" vulnerability...

2.1CVSS5.7AI score0.90609EPSS
Exploits7References6
Positive Technologies
Positive Technologies
added 1999/12/05 12:0 a.m.5 views

PT-1999-1502 · Sun · Sun Wbem

Name of the Vulnerable Software and Affected Versions: Sun Web-Based Enterprise Management WBEM affected versions not specified Description: The issue concerns the storage of a password in plaintext within a world-readable file by the Sun Web-Based Enterprise Management WBEM installation script...

7.2CVSS6.5AI score0.0044EPSS
Exploits0References2
Rows per page
Query Builder