CVE-2024-13773 Civi - Job Board & Freelance Marketplace WordPress Theme <= 2.1.4 - Sensitive Information Exposure

The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.1.4 via hard-coded credentials. This makes it possible for unauthenticated attackers to extract sensitive data including Linked...

WordPress plugin Civi 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

CVE-2025-2079

Optigo Networks Visual BACnet Capture Tool and Optigo Visual Networks Capture Tool version 3.1.2rc11 contain a hard coded secret key. This could allow an attacker to generate valid JWT JSON Web Token sessions...

CVE-2025-2079

Optigo Networks Visual BACnet Capture Tool and Optigo Visual Networks Capture Tool version 3.1.2rc11 contain a hard coded secret key. This could allow an attacker to generate valid JWT JSON Web Token sessions...

CVE-2025-2079

Optigo Networks Visual BACnet Capture Tool and Optigo Visual Networks Capture Tool version 3.1.2rc11 contain a hard coded secret key. This could allow an attacker to generate valid JWT JSON Web Token sessions...

TRENDnet TEW-929DRU Hardcoded Password Vulnerability

The TRENDnet TEW-929DRU is a wireless router from TRENDnet. The TRENDnet TEW-929DRU suffers from a hard-coded password vulnerability that can be exploited by an attacker to log in as root...

Optigo Networks Visual BACnet Capture Tool和Optigo Visual Networks Capture Tool 安全漏洞

Optigo Networks Visual BACnet Capture Tool and Optigo Visual Networks Capture Tool are both products of Optigo Inc.Optigo Networks Visual BACnet Capture Tool is a Optigo Networks Visual BACnet Capture Tool is a tool for capturing BACnet network traffic and automatically uploading the captured dat...

Vulnerabilities fixed in Fortinet FortiSandbox

Fortinet has fixed vulnerabilities in FortiSandbox. The vulnerability with reference CVE-2024-45328 includes improper authorization that allows low-privileged administrators to execute elevated CLI commands through the GUI console. In addition, there is an SQL injection vulnerability with attribu...

CVE-2025-27255

Use of Hard-coded Credentials vulnerability in GE Vernova EnerVista UR Setup allows Privilege Escalation. The local user database is encrypted using an hardcoded password retrievable by an attacker analyzing the application code...

CVE-2025-27255

Use of Hard-coded Credentials vulnerability in GE Vernova EnerVista UR Setup allows Privilege Escalation. The local user database is encrypted using an hardcoded password retrievable by an attacker analyzing the application code...

CVE-2025-27255

This CVE concerns GE Vernova EnerVista UR Setup. The vulnerability arises from hard-coded credentials used to encrypt the local user database, with the credential password retrievable by analyzing the application code. A local attacker could leverage this to escalate privileges on the affected sy...

CVE-2025-27255

Use of Hard-coded Credentials vulnerability in GE Vernova EnerVista UR Setup allows Privilege Escalation. The local user database is encrypted using an hardcoded password retrievable by an attacker analyzing the application code...

CVE-2025-27255

Use of Hard-coded Credentials vulnerability in GE Vernova EnerVista UR Setup allows Privilege Escalation. The local user database is encrypted using an hardcoded password retrievable by an attacker analyzing the application code...

GE Vernova EnerVista UR 信任管理问题漏洞

GE Vernova EnerVista UR is a device configuration tool from GE Vernova USA that is compatible with all UR relay applications. A trust management issue vulnerability exists in the GE Vernova EnerVista UR that stems from the use of hard-coded credentials, which could lead to elevation of privilege...

CVE-2025-1393

An unauthenticated remote attacker can use hard-coded credentials to gain full administration privileges on the affected product...

CVE-2025-1393 Weidmueller: Authentication Vulnerability due to Hard-coded Credentials

An unauthenticated remote attacker can use hard-coded credentials to gain full administration privileges on the affected product...

CVE-2025-1393

CVE-2025-1393: An unauthenticated remote attacker can use hard-coded credentials to gain full administration privileges on the affected product. Multiple connected sources confirm unauthenticated access with full admin rights; one listing ties the issue to Weidmueller PROCON-WIN versions prior to...

CVE-2025-1393 Weidmueller: Authentication Vulnerability due to Hard-coded Credentials

An unauthenticated remote attacker can use hard-coded credentials to gain full administration privileges on the affected product...

Weidmueller Interface PROCON-WIN 信任管理问题漏洞

Weidmueller Interface PROCON-WIN is a controller from Weidmueller Interface. A trust management issue vulnerability exists in Weidmueller Interface PROCON-WIN versions prior to 5.7.14.1, which stems from the use of hard-coded credentials that allow an unauthenticated attacker to gain administrato...

Vasion Print 安全漏洞

Vasion Print is a SaaS-based, cloud-hosted application from Vasion for managing and deploying printers. A security vulnerability exists in Vasion Print versions prior to 22.0.843 Application 20.0.1923, which stems from hard-coded IdP keys...