Lucene search
K

60 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:25 p.m.13 views

CVE-2022-32563

An issue was discovered in Couchbase Sync Gateway 3.x before 3.0.2. Admin credentials are not verified when using X.509 client-certificate authentication from Sync Gateway to Couchbase Server. When Sync Gateway is configured to authenticate with Couchbase Server using X.509 client certificates, t...

9.8CVSS7.5AI score0.00763EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/09 5:4 p.m.22 views

CVE-2024-9466 Expedition: Cleartext Storage of Information Leads to Firewall Admin Credential Disclosure

A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials...

8.2CVSS6.1AI score0.11233EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/10/09 5:4 p.m.31 views

CVE-2024-9465 Expedition: SQL Injection Leads to Firewall Admin Credential Disclosure

An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expeditio...

9.2CVSS7.7AI score0.99597EPSS
Exploits3References2
CNNVD
CNNVD
added 2024/09/04 12:0 a.m.14 views

Cisco Smart Licensing Utility 信任管理问题漏洞

Cisco Smart Licensing Utility CSLU is a Cisco application that allows customers to manage licenses and associated product instances from their local location. A trust management issue vulnerability exists in Cisco Smart Licensing Utility that stems from an undocumented static administrator...

9.8CVSS9AI score0.91911EPSS
Exploits0References3
NVD
NVD
added 2023/11/30 11:15 p.m.23 views

CVE-2023-46385

LOYTEC electronics GmbH LINX Configurator all versions is vulnerable to Insecure Permissions. An admin credential is passed as a value of URL parameters without encryption, so it allows remote attackers to steal the password and gain full control of Loytec device configuration...

7.5CVSS0.00755EPSS
Exploits2References5
Cvelist
Cvelist
added 2023/11/30 12:0 a.m.30 views

CVE-2023-46385

LOYTEC electronics GmbH LINX Configurator all versions is vulnerable to Insecure Permissions. An admin credential is passed as a value of URL parameters without encryption, so it allows remote attackers to steal the password and gain full control of Loytec device configuration...

8AI score0.00755EPSS
Exploits2References4
Prion
Prion
added 2023/03/27 4:15 a.m.14 views

Design/Logic Flaw

HGiga PowerStation has a vulnerability of Information Leakage. An unauthenticated remote attacker can exploit this vulnerability to obtain the administrator's credential. This credential can then be used to login PowerStation or Secure Shell to achieve remote code execution...

7.5CVSS9.6AI score0.011EPSS
Exploits0References1Affected Software1
Exploit DB
Exploit DB
added 2021/08/20 12:0 a.m.231 views

Laundry Booking Management System 1.0 - 'Multiple' SQL Injection

Exploit Title: Laundry Booking Management System 1.0 - 'Multiple' SQL Injection Date: 2021-08-19 Exploit Author: Azumah Foresight Xorlali Vendor Homepage: https://www.sourcecodester.com/php/14400/laundry-booking-management-system-php-source-code.html Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/04 12:0 a.m.777 views

Composr CMS 10.0.34 Cross Site Scripting

Exploit Title: Composr CMS 10.0.34 - 'banners' Persistent Cross Site Scripting Date: 3-12-2020 Exploit Author: Parshwa Bhavsar Vendor Homepage: https://compo.sr/ Software Link: https://compo.sr/download.htm Version: 10.0.34 Tested on: Windows 10/ Kali Linux Steps To Reproduce :- 1. Install the CM...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2020/10/09 6:33 a.m.29 views

CVE-2020-26900

Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25...

9.6CVSS9.2AI score0.0052EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/10/09 6:33 a.m.30 views

CVE-2020-26904

Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11...

9.6CVSS9.2AI score0.00739EPSS
Exploits0References1
CVE
CVE
added 2020/10/09 6:33 a.m.53 views

CVE-2020-26905

CVE-2020-26905 affects multiple NETGEAR devices due to disclosure of administrative credentials. Affected models and older/fixed versions: CBR40 < 2.5.0.10; RBK752, RBR750, RBS750 < 3.2.15.25; RBK852, RBR850, RBS850

9.6CVSS8.5AI score0.00812EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/10/09 6:32 a.m.24 views

CVE-2020-26906

Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11...

9.6CVSS9.2AI score0.00613EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/06/18 4:26 p.m.30 views

CVE-2020-14431

Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25,...

9.6CVSS8.6AI score0.00809EPSS
Exploits0References1
OSV
OSV
added 2020/04/20 4:15 p.m.4 views

CVE-2017-18845

Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects R6700v2 before 1.1.0.38 and R6800 before 1.1.0.38...

7.8CVSS5.8AI score0.00284EPSS
Exploits0References1
exploitpack
exploitpack
added 2019/05/01 12:0 a.m.42 views

CentOS Web Panel 0.9.8.793 (Free) v0.9.8.753 (Pro) 0.9.8.807 (Pro) - Domain Field (Add DNS Zone) Cross-Site Scripting

CentOS Web Panel 0.9.8.793 Free v0.9.8.753 Pro 0.9.8.807 Pro - Domain Field Add DNS Zone Cross-Site Scripting Exploit Title: CentOS Web Panel - Domain Field Add DNS Zone Cross-Site Scripting Vulnerability Google Dork: N/A Date: 22 - April - 2019 Exploit Author: DKM Vendor Homepage:...

3.5CVSS5AI score0.05907EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/05/01 12:0 a.m.200 views

CentOS Web Panel 0.9.8.793 (Free) / v0.9.8.753 (Pro) / 0.9.8.807 (Pro) - Domain Field (Add DNS Zone) Cross-Site Scripting

Exploit Title: CentOS Web Panel - Domain Field Add DNS Zone Cross-Site Scripting Vulnerability Google Dork: N/A Date: 22 - April - 2019 Exploit Author: DKM Vendor Homepage: http://centos-webpanel.com Software Link: http://centos-webpanel.com Version: v0.9.8.793 Free, v0.9.8.753 Pro and 0.9.8.807...

4.8CVSS5.2AI score0.05907EPSS
Exploits4
Packet Storm
Packet Storm
added 2019/02/12 12:0 a.m.68 views

CentOS Web Panel 0.9.8.763 Cross Site Scripting

Exploit Title: CentOS Web Panel 0.9.8.763 - Stored Cross-Site Scripting Vulnerability Google Dork: N/A Date: 10 - January - 2019 Exploit Author: DKM Vendor Homepage: http://centos-webpanel.com Software Link: http://centos-webpanel.com Version: v0.9.8.763 Tested on: CentOS 7 CVE : CVE-2019-7646...

5.2AI score0.07246EPSS
Exploits5
NVD
NVD
added 2018/09/17 4:29 p.m.16 views

CVE-2018-11086

Pivotal Usage Service in Pivotal Application Service, versions 2.0 prior to 2.0.21 and 2.1 prior to 2.1.13 and 2.2 prior to 2.2.5, contains a bug which may allow escalation of privileges. A space developer with access to the system org may be able to access an artifact which contains the CF admin...

8.8CVSS8.9AI score0.00961EPSS
Exploits0References1
OSV
OSV
added 2018/09/17 4:29 p.m.4 views

CVE-2018-11088

Pivotal Applications Manager in Pivotal Application Service, versions 2.0 prior to 2.0.21 and 2.1 prior to 2.1.13 and 2.2 prior to 2.2.5, contains a bug which may allow escalation of privileges. A space developer with access to the system org may be able to access an artifact which contains the C...

8.8CVSS5.8AI score0.00961EPSS
Exploits0References1
Rows per page
Query Builder