18 matches found
EUVD-2017-11565
Malware in sbrugna...
EUVD-2021-22822
Malware in sbrugna...
CVE-2024-48644
Accounts enumeration vulnerability in the Login Component of Reolink Duo 2 WiFi Camera Firmware Version v3.0.0.188923031701 allows remote attackers to determine valid user accounts via login attempts. This can lead to the enumeration of user accounts and potentially facilitate other attacks, such...
📄 GeoVision GV-ASManager 6.1.0.0 Information Disclosure
GeoVision GV-ASManager versions 6.1.0.0 and below suffer from an information disclosure vulnerability. Exploit Title: Information Disclosure in GeoVision GV-ASManager Google Dork: inurl:"ASWeb/Login" Date: 02-FEB-2025 Exploit Author: Giorgi Dograshvili DRAGOWN Vendor Homepage:...
CVE-2024-48644
Accounts enumeration vulnerability in the Login Component of Reolink Duo 2 WiFi Camera Firmware Version v3.0.0.188923031701 allows remote attackers to determine valid user accounts via login attempts. This can lead to the enumeration of user accounts and potentially facilitate other attacks, such...
CVE-2024-48644
CVE-2024-48644 affects the Reolink Duo 2 WiFi Camera, firmware v3.0.0.1889_23031701. The issue is in the Login Component where the application responds differently to login attempts with valid vs invalid usernames, enabling remote accounts enumeration. This can facilitate further attacks (e.g., p...
CVE-2024-48644
Accounts enumeration vulnerability in the Login Component of Reolink Duo 2 WiFi Camera Firmware Version v3.0.0.188923031701 allows remote attackers to determine valid user accounts via login attempts. This can lead to the enumeration of user accounts and potentially facilitate other attacks, such...
CVE-2024-48644
Accounts enumeration vulnerability in the Login Component of Reolink Duo 2 WiFi Camera Firmware Version v3.0.0.188923031701 allows remote attackers to determine valid user accounts via login attempts. This can lead to the enumeration of user accounts and potentially facilitate other attacks, such...
CVE-2023-37831
An issue discovered in Elenos ETG150 FM transmitter v3.12 allows attackers to enumerate user accounts based on server responses when credentials are submitted...
Authentication flaw
InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 authentication process response indicates and validates the existence of a username. This may allow an attacker to enumerate different user accounts...
CVE-2015-4688
Ellucian formerly SunGard Banner Student 8.5.1.2 through 8.7 allow remote attackers to enumerate user accounts via a series of requests...
Code injection
Ellucian formerly SunGard Banner Student 8.5.1.2 through 8.7 allow remote attackers to enumerate user accounts via a series of requests...
CVE-2014-8035
The web framework in Cisco WebEx Meetings Server produces different returned messages for URL requests depending on whether a username exists, which allows remote attackers to enumerate user accounts via a series of requests, aka Bug ID CSCuj40247...
CVE-2014-3304
The OutlookAction Class in Cisco WebEx Meetings Server allows remote attackers to enumerate user accounts by entering crafted URLs and examining the returned messages, aka Bug ID CSCuj81722...
Default credentials
IBM InfoSphere Information Server through 8.5 FP3, 8.7 through FP2, and 9.1 produces login-failure messages indicating whether the username or password is incorrect, which allows remote attackers to enumerate user accounts via a brute-force attack...
CVE-2011-4678
The password reset feature in One Click Orgs before 1.2.3 generates different error messages for failed reset attempts depending on whether the e-mail address is registered, which allows remote attackers to enumerate user accounts via a series of requests...
Sun Java System Identity Manager / Access Manager accounts enumeration
Replies for invalid username and invalid password are different...
Multiple F5 FirePass security vulnerabilities
URL restrictions bypass, crossite scripting. Restrictions bypass with dotless IP address. Acounts enumeration...