6 matches found
VulnCheck KEV: CVE-2022-26923
An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Directory Certificate Services that would allow for privilege escalation to SYSTEM...
Automato - Automating the user-focused enumeration tasks during an internal penetration test
automato should help with automating some of the user-focused enumeration tasks during an internal penetration test. automato is also capable of conducting limited brute force attacks such as: Testing to see if a list of users with a common password exists in the target domain Identifying if a...
Design/Logic Flaw
The web services implementation in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not properly consider the maintenance-mode state and account attributes during login attempts, which allows remote authenticated users to bypass intended access restrictions by connecting to a webservice serv...
CVE-2011-4590
The web services implementation in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not properly consider the maintenance-mode state and account attributes during login attempts, which allows remote authenticated users to bypass intended access restrictions by connecting to a webservice serv...
CVE-2004-2705
Unspecified vulnerability in Player vs. Player Gaming Network PvPGN before 1.6.4 allows remote attackers to obtain attributes of arbitrary accounts, including the password hash, via certain statsreq packets...
CVE-2004-2705
Unspecified vulnerability in Player vs. Player Gaming Network PvPGN before 1.6.4 allows remote attackers to obtain attributes of arbitrary accounts, including the password hash, via certain statsreq packets...