Lucene search
K

5 matches found

exploitpack
exploitpack
added 2016/02/25 12:0 a.m.150 views

IBM Lotus Domino R8 - Password Hash Extraction

IBM Lotus Domino R8 - Password Hash Extraction Exploit Title: IBM Lotus Domino = R8 Password Hash Extraction Exploit Google Dork: inurl:names.nsf?opendatabase Date: 02-24-2016 Exploit Author: Jonathan Broche Contact: https://twitter.com/g0jhonny Vendor Homepage:...

5CVSS0.4AI score0.73635EPSS
Exploits10
Exploit DB
Exploit DB
added 2016/02/25 12:0 a.m.134 views

IBM Lotus Domino R8 - Password Hash Extraction

Exploit Title: IBM Lotus Domino = R8 Password Hash Extraction Exploit Google Dork: inurl:names.nsf?opendatabase Date: 02-24-2016 Exploit Author: Jonathan Broche Contact: https://twitter.com/g0jhonny Vendor Homepage: https://www-01.ibm.com/software/lotus/category/messaging/ Tested on: Lotus Domino...

5CVSS6.4AI score0.73635EPSS
Exploits10
Prion
Prion
added 2007/02/16 1:28 a.m.25 views

Design/Logic Flaw

IBM Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores HTTPPassword hashes from names.nsf in a manner accessible through Readviewentries and OpenDocument requests to the defaultview view, a different vector than CVE-2005-2428...

7.1CVSS6.2AI score0.73635EPSS
Exploits10References2Affected Software1
d2
d2
added 2005/08/03 4:0 a.m.66 views

DSquare Exploit Pack: D2SEC_LOTUS_HASH

Name| d2seclotushash ---|--- CVE| CVE-2005-2428 Exploit Pack| D2ExploitPack Description| D2SEC Lotushash Notes|...

5CVSS1.8AI score0.73635EPSS
Exploits10
CVE
CVE
added 2005/08/03 4:0 a.m.131 views

CVE-2005-2428

Lotus Domino R5/R6 WebMail with Generate HTML for all fields enabled can reveal sensitive data via names.nsf hidden fields. The connected nuclei template documents information disclosure: password hashes in HTTPPassword, password-change date in HTTPPasswordChangeDate, and client release in ClntBl...

5CVSS5.8AI score0.73635EPSS
Exploits10References10Affected Software1
Rows per page
Query Builder