16 matches found
CVE-2026-8878
Version 3.0.7 of the Securly Chrome Extension exposes multiple publicly accessible endpoints that allow unauthenticated access to sensitive data. The exposed information consists of SHA-1 hashes that are inadequately obfuscated using a simple Caesar cipher, which can be easily reversed to recover...
CVE-2026-8878 CVE-2026-8878
Version 3.0.7 of the Securly Chrome Extension exposes multiple publicly accessible endpoints that allow unauthenticated access to sensitive data. The exposed information consists of SHA-1 hashes that are inadequately obfuscated using a simple Caesar cipher, which can be easily reversed to recover...
EUVD-2026-34163
Version 3.0.7 of the Securly Chrome Extension exposes multiple publicly accessible endpoints that allow unauthenticated access to sensitive data. The exposed information consists of SHA-1 hashes that are inadequately obfuscated using a simple Caesar cipher, which can be easily reversed to recover...
PT-2026-46050
Version 3.0.7 of the Securly Chrome Extension exposes multiple publicly accessible endpoints that allow unauthenticated access to sensitive data. The exposed information consists of SHA-1 hashes that are inadequately obfuscated using a simple Caesar cipher, which can be easily reversed to recover...
EUVD-2011-1510
Malware in sbrugna...
New Credit Card Skimmer Targets WordPress, Magento, and OpenCart Sites
Multiple content management system CMS platforms like WordPress, Magento, and OpenCart have been targeted by a new credit card web skimmer called Caesar Cipher Skimmer. A web skimmer refers to malware that is injected into e-commerce sites with the goal of stealing financial and payment...
BokuLoader - A Proof-Of-Concept Cobalt Strike Reflective Loader Which Aims To Recreate, Integrate, And Enhance Cobalt Strike's Evasion Features!
A proof-of-concept User-Defined Reflective Loader UDRL which aims to recreate, integrate, and enhance Cobalt Strike's evasion features! Contributors: Contributor | Twitter | Notable Contributions ---|---|--- Bobby Cooke | @0xBoku | Project original author and maintainer Santiago Pecin | @s4ntiago...
LibMiner: Container-Based Cryptocurrency Miner Targeting Unprotected Redis Servers
Qualys is actively tracking threats which target containers. In our recent analysis, we have identified a few docker instances executing a malware which we term as “LibMiner”. This malware has the capability to deploy and execute Cryptominer. It uses a unique technique for lateral movement across...
LuxCal 2.7.0 XSS / LFI / Information Disclosure
Exploit Title: LuxCal v2.7.0 Multiple Remote Vulnerabilities Date: 17/09/2012 Author: L0n3ly-H34rT Contact: [email protected] My Site: http://se3c.blogspot.com/ Vendor Link: http://www.luxsoft.eu/ Software Link: http://www.luxsoft.eu/dloader.php?file=luxcal270.zip Version: 2.7.0 Tested on:...
LuxCal 2.7.0 XSS / LFI / Information Disclosure
Exploit for php platform in category web applications Exploit Title: LuxCal v2.7.0 Multiple Remote Vulnerabilities Date: 17/09/2012 Author: L0n3ly-H34rT Contact: email protected My Site: http://se3c.blogspot.com/ Vendor Link: http://www.luxsoft.eu/ Software Link:...
CVE-2011-1509
The encryptPassword function in Login.js in ManageEngine ServiceDesk Plus SDP 8012 and earlier uses a Caesar cipher for encryption of passwords in cookies, which makes it easier for remote attackers to obtain sensitive information by sniffing the network...
Design/Logic Flaw
The encryptPassword function in Login.js in ManageEngine ServiceDesk Plus SDP 8012 and earlier uses a Caesar cipher for encryption of passwords in cookies, which makes it easier for remote attackers to obtain sensitive information by sniffing the network...
CVE-2011-1509
The encryptPassword function in Login.js in ManageEngine ServiceDesk Plus SDP 8012 and earlier uses a Caesar cipher for encryption of passwords in cookies, which makes it easier for remote attackers to obtain sensitive information by sniffing the network...
CVE-2011-1509
Affected product : ManageEngine ServiceDesk Plus (SDP) versions up to 8.x, including SDP 8012 and earlier. Vulnerability details : CVE-2011-1509 is an authentication weakness where the encryptPassword function in Login.js uses a Caesar cipher with no salt or secret, storing passwords locally in c...
CORE-2011-0506 - Multiples Vulnerabilities in ManageEngine ServiceDesk Plus
Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Multiples Vulnerabilities in ManageEngine ServiceDesk Plus 1. Advisory Information Title: Multiples Vulnerabilities in ManageEngine ServiceDesk Plus Advisory ID: CORE-2011-0506 Advisory URL:...
Слабое шифрование пароля в Meeting Maker
При передаче пароля по сети используется легко дешифруемый алгорит замены символов Цезаря...