29 matches found
Design/Logic Flaw
The administrative passwords for all versions of Bond JetSelect are stored within an unprotected file on the filesystem, rather than encrypted within the MySQL database. This backup copy of the passwords is made as part of the installation script, after the administrator has generated a password...
CVE-2019-13021
The administrative passwords for all versions of Bond JetSelect are stored within an unprotected file on the filesystem, rather than encrypted within the MySQL database. This backup copy of the passwords is made as part of the installation script, after the administrator has generated a password...
CVE-2020-8481
For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody...
CVE-2020-8481
For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody...
CVE-2020-8481 ABB Central Licensing System - Information disclosure
For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody...
Openedit <= 5.1294 - Remote Code Execution Exploit
No description provided by source. !/usr/bin/python Openedit = v5.1294 Remote Code Execution Exploit http://net-ninja.net/blog/?p=553 watch http://www.zeitgeistmovie.com/ Explanation: Vuln 1: Admin hash disclosure Vuln 2: Login with the hash Vuln 3: Unprotected file upload mrme@pluto openedit$ su...
Openedit <= v5.1294 Remote Code Execution Exploit
Exploit for jsp platform in category web applications !/usr/bin/python Openedit = v5.1294 Remote Code Execution Exploit http://net-ninja.net/blog/?p=553 watch http://www.zeitgeistmovie.com/ Explanation: Vuln 1: Admin hash disclosure Vuln 2: Login with the hash Vuln 3: Unprotected file upload...
Openedit 5.1294 Code Execution
!/usr/bin/python Openedit = v5.1294 Remote Code Execution Exploit http://net-ninja.net/blog/?p=553 watch http://www.zeitgeistmovie.com/ Explanation: Vuln 1: Admin hash disclosure Vuln 2: Login with the hash Vuln 3: Unprotected file upload mrme@pluto openedit$ sudo python ./openown.py -p...
FuzzyMonkey 2.11 - MyClassifieds Email Variable SQL Injection
source: https://www.securityfocus.com/bid/8863/info It has been reported that FuzzyMonkey MyClassifieds may be prone to a SQL injection vulnerability that may allow an attacker to disclose user passwords by supplying malicious SQL code to the Email variable. This attack may cause the software to...