6 matches found
Ilevia EVE X1 Server 安全漏洞
Ilevia EVE X1 Server is a smart home and building automation from Ilevia, Italy. A security vulnerability exists in Ilevia EVE X1 Server version 4.7.18.0.eden and prior versions, which stems from storing passwords using the unsalted MD5 hash algorithm, which could lead to an offline dictionary...
IBM Security Verify Governance 安全漏洞
IBM Security Verify Governance is an intelligent identity access platform from International Business Machines IBM, Inc. provides organizations with a platform to analyze, define and control user access and access risk. IBM Security Verify Governance suffers from a security vulnerability that ste...
Horizon Business Services Caterease 安全漏洞
Horizon Business Services Caterease is an event planning and catering software from Horizon Business Services, USA. A security vulnerability exists in Horizon Business Services Caterease versions 16.0.1.1663 through 24.0.1.2405 and later versions, which stems from the use of unsalted unidirection...
OnlineVotingSystem Encryption Problem Vulnerability
Dbijaya OnlineVotingSystem is a Java-based online voting system from the individual developers of Dbijaya. OnlineVotingSystem before version 1.1.2 suffers from a cryptographic vulnerability that stems from not using a salt to hash a user's password, which can be exploited by an attacker to make i...
CVE-2020-8791
The OKLOK 3.1.1 mobile companion app for Fingerprint Bluetooth Padlock FB50 2.3 allows remote attackers to submit API requests using authenticated but unauthorized tokens, resulting in IDOR issues. A remote attacker can use their own token to make unauthorized API requests on behalf of arbitrary...
RedTeam Pentesting GmbH
Advisory: Owl Intranet Engine: Information Disclosure and Unsalted Password Hashes The Owl Intranet Engine uses no salting in the password hashing procedure. Furthermore, users in the "Administrators" group are able to see the MD5 password hashes of every user using the web interface. Details...