CVE-2020-10554

An issue was discovered in Psyprax beforee 3.2.2. Passwords used to encrypt the data are stored in the database in an obfuscated format, which can be easily reverted. For example, the password AAAAAAAA is stored in the database as MMMMMMMM...

CVE-2020-10552

An issue was discovered in Psyprax before 3.2.2. The Firebird database is accessible with the default user sysdba and password masterke after installation. This allows any user to access it and read and modify the contents, including passwords. Local database files can be accessed directly as wel...

CVE-2020-10553

An issue was discovered in Psyprax before 3.2.2. The file %PROGRAMDATA%\Psyprax32\PPScreen.ini contains a hash for the lockscreen aka screensaver of the application. If that entry is removed, the lockscreen is no longer displayed and the app is no longer locked. All local users are able to modify...

EUVD-2020-3005

Malware in sbrugna...

EUVD-2020-3004

Malware in sbrugna...

CVE-2020-10553

An issue was discovered in Psyprax before 3.2.2. The file %PROGRAMDATA%\Psyprax32\PPScreen.ini contains a hash for the lockscreen aka screensaver of the application. If that entry is removed, the lockscreen is no longer displayed and the app is no longer locked. All local users are able to modify...

CVE-2020-10554

An issue was discovered in Psyprax beforee 3.2.2. Passwords used to encrypt the data are stored in the database in an obfuscated format, which can be easily reverted. For example, the password AAAAAAAA is stored in the database as MMMMMMMM...

CVE-2020-10553

An issue was discovered in Psyprax before 3.2.2. The file %PROGRAMDATA%\Psyprax32\PPScreen.ini contains a hash for the lockscreen aka screensaver of the application. If that entry is removed, the lockscreen is no longer displayed and the app is no longer locked. All local users are able to modify...

CVE-2020-10552

An issue was discovered in Psyprax before 3.2.2. The Firebird database is accessible with the default user sysdba and password masterke after installation. This allows any user to access it and read and modify the contents, including passwords. Local database files can be accessed directly as wel...

CVE-2020-10554

An issue was discovered in Psyprax beforee 3.2.2. Passwords used to encrypt the data are stored in the database in an obfuscated format, which can be easily reverted. For example, the password AAAAAAAA is stored in the database as MMMMMMMM...

Format string

An issue was discovered in Psyprax beforee 3.2.2. Passwords used to encrypt the data are stored in the database in an obfuscated format, which can be easily reverted. For example, the password AAAAAAAA is stored in the database as MMMMMMMM...

Design/Logic Flaw

An issue was discovered in Psyprax before 3.2.2. The file %PROGRAMDATA%\Psyprax32\PPScreen.ini contains a hash for the lockscreen aka screensaver of the application. If that entry is removed, the lockscreen is no longer displayed and the app is no longer locked. All local users are able to modify...

Design/Logic Flaw

An issue was discovered in Psyprax before 3.2.2. The Firebird database is accessible with the default user sysdba and password masterke after installation. This allows any user to access it and read and modify the contents, including passwords. Local database files can be accessed directly as wel...

CVE-2020-10552

Psyprax ≤3.2.1 has a credential-reuse vulnerability where the Firebird database is initialized with the default sysdba:masterke credentials, allowing any user to access and modify the database contents (including passwords) and to directly access local database files. This issue is documented acr...

CVE-2020-10552

An issue was discovered in Psyprax before 3.2.2. The Firebird database is accessible with the default user sysdba and password masterke after installation. This allows any user to access it and read and modify the contents, including passwords. Local database files can be accessed directly as wel...

CVE-2020-10553

Psyprax before 3.2.2 is affected. The PPScreen.ini file in %PROGRAMDATA%\Psyprax32 contains a hash for the application’s lockscreen. If the entry is removed, the lockscreen is not displayed and the application is no longer locked. All local users can modify this file, enabling potential bypass of...

CVE-2020-10553

An issue was discovered in Psyprax before 3.2.2. The file %PROGRAMDATA%\Psyprax32\PPScreen.ini contains a hash for the lockscreen aka screensaver of the application. If that entry is removed, the lockscreen is no longer displayed and the app is no longer locked. All local users are able to modify...

CVE-2020-10554

CVE-2020-10554 affects Psyprax before 3.2.2. The issue is that passwords used to encrypt data are stored in the database in an obfuscated format that can be easily reverted (e.g., AAAAAAAA stored as MMMMMMMM). The Red Hat and NVD entries corroborate this description. The available documents do no...

Psyprax Security Vulnerability

A security vulnerability exists in Psyprax before 3.2.2 that stems from the file %PROGRAMDATA%Psyprax32PPScreen.ini containing the application lock screen hash. If this entry is removed, the lock screen will no longer be displayed...

Psyprax Encryption Problem Vulnerability

A security vulnerability exists in Psyprax beforee 3.2.2, which stems from passwords used to encrypt data being stored in a fuzzy format in a database...