Barco wePresent WiPG-1600W Admin Credential Exposure Vulnerability

An attacker armed with hardcoded API credentials from KL-001-2020-004 CVE-2020-28329 can issue an authenticated query to display the admin password for the main web user interface listening on port 443/tcp for Barco wePresent WiPG-1600W version 2.5.1.8. Title: Barco wePresent Admin Credentials...

Barco wePresent Admin Credentials Exposed In Plain-text

Vulnerability Details Affected Vendor: Barco Affected Product: wePresent WiPG-1600W Affected Version: 2.5.1.8 Platform: Embedded Linux CWE Classification: CWE-523: Unprotected Transport of Credentials CVE ID: CVE-2020-28330 2. Vulnerability Description An attacker armed with hardcoded API...

Stock Management System 1.0 Cross Site Scripting

Exploit Title: Stock Management System v1.0 - Cross-Site Scripting Credential Harvester Login-Portal Exploit Author: Bobby Cooke Date: 2020-08-01 Vendor Homepage: https://www.sourcecodester.com/php/14366/stock-management-system-php.html Software Link:...

GitHub Security Lab: [Java]: CWE-523 Insecure HSTS configuration

This bug was reported directly to GitHub Security Lab...

ABB Ellipse

CVSS v3 6.5 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: ABB Equipment: Ellipse Vulnerability: Unprotected Transport of Credentials AFFECTED PRODUCTS ABB reports that the vulnerability affects Ellipse 8.3 through Ellipse 8.9 released prior to December 2017 including Ellipse...