20 matches found
CVE-2026-40028
Hayabusa versions prior to 3.8.0 contain a cross-site scripting (XSS) vulnerability in its HTML report output that allows an attacker to execute arbitrary JavaScript when a user scans JSON-exported logs containing malicious content in the Computer field. An attacker can inject JavaScript into the...
CVE-2025-10639
The WorkExaminer Professional server installation comes with an FTP server that is used to receive the client logs on TCP port 12304. An attacker with network access to this port can use weak hardcoded credentials to log in to the FTP server and modify or read data, log files and gain remote code...
EUVD-2025-35161
The WorkExaminer Professional server installation comes with an FTP server that is used to receive the client logs on TCP port 12304. An attacker with network access to this port can use weak hardcoded credentials to log in to the FTP server and modify or read data, log files and gain remote code...
CVE-2025-10639
The WorkExaminer Professional server installation comes with an FTP server that is used to receive the client logs on TCP port 12304. An attacker with network access to this port can use weak hardcoded credentials to log in to the FTP server and modify or read data, log files and gain remote code...
CVE-2025-10639 Usage of Hardcoded FTP Credentials EfficientLab WorkExaminer Professional
The WorkExaminer Professional server installation comes with an FTP server that is used to receive the client logs on TCP port 12304. An attacker with network access to this port can use weak hardcoded credentials to log in to the FTP server and modify or read data, log files and gain remote code...
Work Examiner Professional Security Vulnerability
Work Examiner Professional is an employee computer monitoring software from Work Examiner USA. A security vulnerability exists in Work Examiner Professional that stems from a lack of authentication checks on the server side, which could allow an unauthenticated attacker to bypass the login prompt...
Work Examiner Professional Security Vulnerability
Work Examiner Professional is an employee computer monitoring software from Work Examiner USA. A security vulnerability exists in Work Examiner Professional that originates when traffic between the monitoring client, console, and server is transmitted in clear text, which could allow an attacker ...
Work Examiner Professional Security Vulnerability
Work Examiner Professional is an employee computer monitoring software from Work Examiner USA. A security vulnerability exists in Work Examiner Professional that stems from the use of weak hard-coded credentials by the FTP server, which could lead to data modification or reading and remote code...
Simple Exam Reviewer Management System SQL Injection Vulnerability
Simple Exam Reviewer Management System is a simple examiner management system. Version 1.0 of Simple Exam Reviewer Management System is vulnerable to SQL injection, which stems from a lack of validation of externally entered SQL statements in the id parameter. An attacker could use this...
CVE-2020-15931
Netwrix Account Lockout Examiner before 5.1 allows remote attackers to capture the Net-NTLMv1/v2 authentication challenge hash of the Domain Administrator that is configured within the product in its installation state by generating a single Kerberos Pre-Authentication Failed ID 4771 event on a...
Authentication flaw
Netwrix Account Lockout Examiner before 5.1 allows remote attackers to capture the Net-NTLMv1/v2 authentication challenge hash of the Domain Administrator that is configured within the product in its installation state by generating a single Kerberos Pre-Authentication Failed ID 4771 event on a...
CVE-2020-15931
Netwrix Account Lockout Examiner prior to 5.1 is affected. The issue enables remote attackers to capture the Domain Administrator’s Net-NTLMv1/v2 challenge hashes by eliciting a single Kerberos Pre-Authentication Failed (Event ID 4771) on a Domain Controller. Affected component is the Netwrix ALE...
Command Execution Vulnerability in Golden Examiner Exam Software PC Client Software
JinKaodian Exam Software is a simulation exam system launched by JinKaodian that completely restores the real exam site, providing high-quality test questions for vocational exams. The software contains chapter practice questions, past years' questions, simulation papers, prediction papers, and it...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Netwrix Account_Lockout_Examiner
CVE-2020-15931 Netwrix Account Lockout Examiner 4.1 Domai...
Exploit for Code Injection in Microsoft
CVEAssessments012020 CVE-2017-8759 Update DVR Examiner...
Online Malware & URL Analysis: MalSub
Online Malware & URL Analysis malsub is a Python 3.6.x framework that wraps several web services of online malware and URL analysis sites through their RESTful Application Programming Interfaces (APIs). It supports submitting files or URLs for analysis, retrieving reports by hash values, domains,...
examiner-enterprise.com XSS vulnerability
Open Bug Bounty ID: OBB-216686
Description | Value
---|---
Affected Website: | examiner-enterprise.com
Open Bug Bounty Program: | Not created yet
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score: | 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:...
examiner-enterprise.com XSS vulnerability
Open Bug Bounty ID: OBB-197832
Description | Value
---|---
Affected Website: | examiner-enterprise.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score: | 6.1...
classifieds.thebarrieexaminer.com XSS vulnerability
Vulnerable URL: http://classifieds.thebarrieexaminer.com/barrie/all-categories/search?searchtype=advancedsearchkeyword=%22%3E%3Csvg%20onload=prompt%22OPENBUGBOUNTY%22%3E
Details:
Description | Value
---|---
Patched: | Yes, at 24.11.2017
Latest check for patch: | 24.11.2017 18:28 GMT
Vulnerability...
Cyber Security Fraud in the Banking Industry: Lessons Learned in OCC Examiner Training
In late October 2011, Coalfire participated in a day of IT audit training with about 35 bank examiners. As you would expect, we covered a lot of previously hot topics. The conversation changed as we started talking about the amount of fraud being realized by community banks and credit unions...