4 matches found
CVE-2026-34527 Sandboxie-Plus EditPassword hash entropy reduced from 160 bits to 80 bits due to incorrect nibble extraction
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, SbieIniServer::HashPassword converts a SHA-1 digest to hexadecimal incorrectly. The high nibble of each byte is shifted right by 8 instead of 4, which always produces zero for an 8-bit...
CVE-2026-34527
CVE-2026-34527 affects Sandboxie-Plus for Windows (versions 1.17.2 and earlier). The vulnerability arises in SbieIniServer::HashPassword, where the high nibble of each SHA-1 digest byte is extracted incorrectly (shifted by 8 instead of 4). This causes the stored EditPassword hash to preserve only...
CVE-2026-34527 Sandboxie-Plus EditPassword hash entropy reduced from 160 bits to 80 bits due to incorrect nibble extraction
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, SbieIniServer::HashPassword converts a SHA-1 digest to hexadecimal incorrectly. The high nibble of each byte is shifted right by 8 instead of 4, which always produces zero for an 8-bit...
Exero CMS 1.0.1 (theme) Multiple Local File Inclusion Vulnerabilities
No description provided by source. Exero CMS 1.0.1 theme Multiple Local File Inclusion Vulnerabilities Script : http://switch.dl.sourceforge.net/sourceforge/exerocms/ExeroCMS1-0-1.rar Home Page : http://ecms.getox.net/ POC : /ExeroCMS1-0-1/themes/Default/usercp/index.php?theme=Local File %00...