889 matches found
CVE-2021-27124
SQL injection in the expertise parameter in searchresult.php in Doctor Appointment System v1.0 allows an authenticated patient user to dump the database credentials via a SQL injection attack...
CVE-2021-27124
Doctor Appointment System 1.0 is affected by an SQL injection in the expertise parameter of search_result.php. The vulnerability arises from insufficient input validation, allowing an authenticated patient user to execute arbitrary SQL and dump database credentials, implying potential data leakag...
SolarWinds Orion Platform < 2020.2.4 Multiple Vulnerabilities
According to its self-reported version number, the version of SolarWinds Orion Platform is prior to 2020.2.4. It is, therefore, affected by multiple vulnerabilities: - The Collector Service in SolarWinds Orion Platform before 2020.2.4 uses MSMQ Microsoft Message Queue and doesn't set permissions ...
CVE-2021-25275
SolarWinds Orion Platform before 2020.2.4, as used by various SolarWinds products, installs and uses a SQL Server backend, and stores database credentials to access this backend in a file readable by unprivileged users. As a result, any user having access to the filesystem can read database login...
CVE-2021-25275
SolarWinds Orion Platform before 2020.2.4, as used by various SolarWinds products, installs and uses a SQL Server backend, and stores database credentials to access this backend in a file readable by unprivileged users. As a result, any user having access to the filesystem can read database login...
Sql injection
SolarWinds Orion Platform before 2020.2.4, as used by various SolarWinds products, installs and uses a SQL Server backend, and stores database credentials to access this backend in a file readable by unprivileged users. As a result, any user having access to the filesystem can read database login...
CVE-2021-25275
SolarWinds Orion Platform before 2020.2.4, as used by various SolarWinds products, installs and uses a SQL Server backend, and stores database credentials to access this backend in a file readable by unprivileged users. As a result, any user having access to the filesystem can read database login...
Solarflare - SolarWinds Orion Account Audit / Password Dumping Utility
Credential Dumping Tool for SolarWinds Orion Blog post: https://malicious.link/post/2020/solarflare-release-password-dumper-for-solarwinds-orion/ Credit to @asolino, @gentilkiwi, and @skelsec for helping me figuring out DPAPI. ============================================ | Collecting RabbitMQ...
CVE-2020-23490
There was a local file disclosure vulnerability in AVideo 8.9 via the proxy streaming. An unauthenticated attacker can exploit this issue to read an arbitrary file on the server. Which could leak database credentials or other sensitive information such as /etc/passwd file...
CVE-2020-23490
There was a local file disclosure vulnerability in AVideo 8.9 via the proxy streaming. An unauthenticated attacker can exploit this issue to read an arbitrary file on the server. Which could leak database credentials or other sensitive information such as /etc/passwd file...
Arbitrary file deletion
There was a local file disclosure vulnerability in AVideo 8.9 via the proxy streaming. An unauthenticated attacker can exploit this issue to read an arbitrary file on the server. Which could leak database credentials or other sensitive information such as /etc/passwd file...
CVE-2020-23490
There was a local file disclosure vulnerability in AVideo 8.9 via the proxy streaming. An unauthenticated attacker can exploit this issue to read an arbitrary file on the server. Which could leak database credentials or other sensitive information such as /etc/passwd file...
Wwbn Avideo Information Disclosure Vulnerability
Wwbn Avideo is a video platform builder written in PHP by the Wwbn team. A security vulnerability exists in AVideo versions prior to 8.9, which stems from the presence of a local file disclosure vulnerability. An attacker could use this vulnerability to read arbitrary files on the server. This...
BSA-2020-1076
Security Advisory ID : BSA-2020-1076 Component : Database credentials Revision : 1.1 Brocade SANnav versions before v2.1.0, contain a Plaintext Password Storage vulnerability. Database credentials are stored in plaintext in a configuration file. An unauthenticated malicious user with access to th...
PT-2020-15455 · Jenkins · Jenkins Pipeline Maven Integration Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Pipeline Maven Integration Plugin versions 3.8.2 and earlier Description: A missing permission check in the plugin allows users with Overall/Read access to connect to an attacker-specified JDBC URL using attacker-specified credentials...
FreeBSD : typo3 -- multiple vulnerabilities (eab964f8-d632-11ea-9172-4c72b94353b5)
Typo3 Team reports : In case an attacker manages to generate a valid cryptographic message authentication code HMAC-SHA1 - either by using a different existing vulnerability or in case the internal encryptionKey was exposed - it is possible to retrieve arbitrary files of a TYPO3 installation. Thi...
CVE-2020-15099
In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.20, and greater than or equal to 10.0.0 and less than 10.4.6, in a case where an attacker manages to generate a valid cryptographic message authentication code HMAC-SHA1 - either by using a different existing vulnerability or in case t...
CVE-2020-15099
In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.20, and greater than or equal to 10.0.0 and less than 10.4.6, in a case where an attacker manages to generate a valid cryptographic message authentication code HMAC-SHA1 - either by using a different existing vulnerability or in case t...
PT-2020-14183 · Typo3 · Typo3/Cms
Name of the Vulnerable Software and Affected Versions: TYPO3 CMS versions 9.0.0 through 9.5.19 TYPO3 CMS versions 10.0.0 through 10.4.5 Description: In a case where an attacker manages to generate a valid cryptographic message authentication code HMAC-SHA1 - either by using a different existing...
Potential Privilege Escalation
In case an attacker manages to generate a valid cryptographic message authentication code HMAC-SHA1 - either by using a different existing vulnerability or in case the internal encryptionKey was exposed - it is possible to retrieve arbitrary files of a TYPO3 installation. This includes the...