318 matches found
Love fast router web Management page several vulnerabilities SQL blind injection, the plaintext stored passwords-bug warning-the black bar safety net
SQL blind injection, you can bypass the web page login authentication login default user name is admin. Password admin) I tested the ip is 1 9 2. 1 6 8. 1 6 8. 1:8 0,blind the url is http://192.168.168.1/login/x The user name of the payload is -1" OR 321=6 AND 0 0 0 1 6 7=0 0 0 1 6 7 -- The...
Cybertec Series 2000 3G Modem/Router WEB Interface Default Admin Password Vulnerability
The Cybertec Series 2000 3G Modem/Router is a 3G routing device. A default administrative account exists on the Cybertec Series 2000 3G Modem / Router WEB interface, which allows attackers to exploit a vulnerability to gain unauthorized access to the device...
Visual Mining NetCharts Server Remote Code Execution
This module exploits multiple vulnerabilities in Visual Mining NetCharts. First, a lack of input validation in the administration console permits arbitrary jsp code upload to locations accessible later through the web service. Authentication is typically required, however a 'hidden' user is...
ZKSoftware WebServer Default Admin Credentials (HTTP)
The ZKSoftware WebServer is using default admin credentials. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
nas4free Default Admin Credentials (HTTP)
The remote nas4free web interface is using known default credentials. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
McAfee Web Gateway User Interface Default Credentials
The remote McAfee Web Gateway user interface uses a known set of default credentials. Knowing these, an attacker with access to service can gain administrative access to the device. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...
Multiple IP Video/Camera Server Default Admin Credentials (HTTP)
The remote IP Video/Camera server web interface is using known default credentials. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if...
TYPO3 Default Admin Credentials (HTTP)
TYPO3 is using default admin credentials. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:typo3:typo3"; ifdescription...
FTC Sues Wyndham Over Breaches Linked to $10m In Fraud
UPDATE: The U.S. Federal Trade Commission has fined Wyndham Hotels for a string of data breaches that resulted in information on hundreds of thousands of customers being lost to cyber criminals. An FTC complaint, filed on June 26, 2012, asks for “permanent injunctive relief” against Wyndham for...
Gold Coast Web Design SQL Injection
Exploit Title : Gold Coast Web Design Sql Injection Vulnerability Author : Secure-Land Security Team Discovered By : farbodmahini Home : Secure-Land.net Version : All Version Vendor : http://goldcoastwebdesign.com Contact : [email protected] , [email protected] Security Risk : High Dork ...
Plum CMS Blind SQL Injection
Coder : baltazar a.k.a b4ltazar CMS name : Plum CMS Site : http://www.plum-design.net && http://www.plum.rs Dork : Powered by PlumDesign : Powered by PlumDesign site:.rs : Powered by PlumDesign site:.com Admin panel : N/A Vulnerability : Sites design with Plum CMS suffers from blind SQL injection...
Admin Bot SQL Injection
Coder : baltazar a.k.a b4ltazar CMS name : Admin Bot Site : Flash2Web.com and carissimi.ch Dork : inurl:/news.php?wgo= Admin panel : http://www.site.com/admin Column number : 8 or 9 http://www.site.com/news.php?wgo=666+and+1=2+union+all+select+0,1,BALTAZAR,3,4,5,6,7,8-- Table : adminuser Columns ...
Concept Medya Admin Auth ByPass
Exploit for php platform in category web applications Exploit Title: Concept Medya Admin Auth ByPass Date: 13 June 2011 Author: CriminalCoder beyz4de.wordpress.com Category: webapps Google dork: inurl:loginkontrol.asp Tested on: Windows Xp SP3 Home: spyroot.in & rootarea.com + Default admin panel...
R7-0037: SAP BusinessObjects Axis2 Default Admin Password
R7-0037: SAP BusinessObjects Axis2 Default Admin Password October 13th, 2010 Description: The SAP BusinessObjects product contains a module dswsbobje.war which deploys Axis2 with an administrator account which is configured with a static password. As a result, anyone with access to the Axis2 port...
Rapid7 Security Advisory 37
R7-0037: SAP BusinessObjects Axis2 Default Admin Password October 13th, 2010 Description: The SAP BusinessObjects product contains a module dswsbobje.war which deploys Axis2 with an administrator account which is configured with a static password. As a result, anyone with access to the Axis2 port...
SAP BusinessObjects Axis2 Default Admin Password
Overview The Axis2 component of SAP BusinessObjects contains a default administrator account and password. Description The SAP BusinessObjects product contains a module dswsbobje.war which deploys Axis2 with an administrator account which is configured with a static password. As a result, anyone...
EPay Enterprise 4.13 - 'cid' SQL Injection
/ / / \ \ \ \ \ / / \\ \ \ \ \ // /// \ \ / / \ //|\ / \ \ \ \ \ \ / / \ \ / / \ | | | \ | | || | | |/ / \ V / || |\ V / / \ | / \ | /| | | || / | | | | . | ' || / | || // \ // \|||/|||||||||\ .WEB.ID ----------------------------------------------------------------------- EPay...
Apache OFBiz Default Admin Credentials (HTTP)
Apache OFBiz is using a default administrator username and password. Copyright C 2009 Christian Eric Edjenguele Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
Blue Coat Reporter Default admin Credentials
Binary data 4701.prm...
Linksys WRT350N unauthorized access
Outdated SAMBA version is used, default admin:admin account is present and default guest account...