Lucene search
K

5 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.14 views

EUVD-2007-6678

Malware in sbrugna...

6.8CVSS6.1AI score0.02389EPSS
Exploits1References15
RedhatCVE
RedhatCVE
added 2025/05/22 12:36 p.m.6 views

CVE-2010-1670

Mahara before 1.0.15, 1.1.x before 1.1.9, and 1.2.x before 1.2.5 has improper configuration options for authentication plugins associated with logins that use the single sign-on SSO functionality, which allows remote attackers to bypass authentication via an empty password. NOTE: some of these...

7.5CVSS7.3AI score0.01554EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2021/04/12 12:0 a.m.2 views

VulnCheck KEV: CVE-2019-13372

/web/Lib/Action/IndexAction.class.php in D-Link Central WiFi Manager CWM100 before v1.03R0100BETA6 allows remote attackers to execute arbitrary PHP code via a cookie because a cookie's username field allows eval injection, and an empty password bypasses authentication...

9.8CVSS7.6AI score0.80682EPSS
Exploits4References1
Positive Technologies
Positive Technologies
added 2018/11/20 12:0 a.m.5 views

PT-2018-3063 · D Link · D-Link Central Wifi Manager Cwm

Name of the Vulnerable Software and Affected Versions: D-Link Central WiFi Manager CWM100 versions prior to v1.03R0100 BETA6 Description: The issue is related to a flaw in the authentication procedure of the D-Link Central WiFi Manager CWM100. This flaw allows remote attackers to execute arbitrar...

10CVSS10AI score0.80682EPSS
Exploits4References9
RedHat Linux
RedHat Linux
added 2013/03/20 3:48 p.m.6 views

JBoss: allows empty password to authenticate against LDAP

The default configuration of the 1 LdapLoginModule and 2 LdapExtLoginModule modules in JBoss Enterprise Application Platform EAP 4.3.0 CP10, 5.2.0, and 6.0.1, and Enterprise Web Platform EWP 5.2.0 allow remote attackers to bypass authentication via an empty password...

7.5CVSS5.9AI score0.02344EPSS
Exploits0References4
Rows per page
Query Builder