8068 matches found
PT-2026-27973
Name of the Vulnerable Software and Affected Versions Addi – Cuotas que se adaptan a ti versions n/a through 2.0.4 Description A flaw exists in Addi – Cuotas que se adaptan a ti buy-now-pay-later-addi that allows for exploitation of the password recovery function due to the use of hard-coded...
IBM Concert 信任管理问题漏洞
IBM Concert is an enterprise-class collaboration and project management software from IBM. A security vulnerability exists in IBM Concert versions 1.0.0 through 2.2.0 that stems from fixed authentication information embedded in the software. An attacker could exploit the vulnerability to obtain...
PT-2026-28093
IBM Concert 1.0.0 through 2.2.0 contains hard-coded credentials that could be obtained by a local user...
EUVD-2026-14427
A vulnerability was determined in kalcaddle kodbox 1.64. Impacted is the function shareSafeGroup of the file /workspace/source-code/app/controller/explorer/shareOut.class.php of the component Site-level API key Handler. This manipulation of the argument sk causes use of hard-coded cryptographic k...
EUVD-2026-14411
Use of hard-coded credentials in Klinika XP and KlinikaXP Insertino allowed an unauthorized attacker access to several internal services. Critically, this included access to the FTP server that hosted the application's update packages. The attacker with these credentials could upload a malicious...
GHSA-HJ7X-HMF2-HC2P Harbor allows the use of the default password for web UI login
Use of hard coded credentials in GoHarbor Harbor version 2.15.0 and below, allows attackers to use the default password and gain access to the web UI...
Harbor allows the use of the default password for web UI login
Use of hard coded credentials in GoHarbor Harbor version 2.15.0 and below, allows attackers to use the default password and gain access to the web UI...
CVE-2026-4404
Use of hard coded credentials in GoHarbor Harbor version 2.15.0 and below, allows attackers to use the default password and gain access to the web UI...
CVE-2026-4404
Use of hard coded credentials in GoHarbor Harbor version 2.15.0 and below, allows attackers to use the default password and gain access to the web UI...
CVE-2026-4404
CVE-2026-4404 affects Harbor
CVE-2026-4404 Use of hard coded credentials in GoHarbor Harbor
Use of hard coded credentials in GoHarbor Harbor version 2.15.0 and below, allows attackers to use the default password and gain access to the web UI...
CVE-2026-4588
A vulnerability was determined in kalcaddle kodbox 1.64. Impacted is the function shareSafeGroup of the file /workspace/source-code/app/controller/explorer/shareOut.class.php of the component Site-level API key Handler. This manipulation of the argument sk causes use of hard-coded cryptographic k...
CVE-2026-1958
Use of hard-coded credentials in Klinika XP and KlinikaXP Insertino allowed an unauthorized attacker access to several internal services. Critically, this included access to the FTP server that hosted the application's update packages. The attacker with these credentials could upload a malicious...
CVE-2026-4588
A vulnerability was determined in kalcaddle kodbox 1.64. Impacted is the function shareSafeGroup of the file /workspace/source-code/app/controller/explorer/shareOut.class.php of the component Site-level API key Handler. This manipulation of the argument sk causes use of hard-coded cryptographic k...
CVE-2026-4588 kalcaddle kodbox Site-level API key shareOut.class.php shareSafeGroup hard-coded key
A vulnerability was determined in kalcaddle kodbox 1.64. Impacted is the function shareSafeGroup of the file /workspace/source-code/app/controller/explorer/shareOut.class.php of the component Site-level API key Handler. This manipulation of the argument sk causes use of hard-coded cryptographic k...
CVE-2026-4588
The CVE affects kalcaddle kodbox 1.64, specifically the Site-level API key Handler via the function shareSafeGroup in /workspace/source-code/app/controller/explorer/shareOut.class.php. The root cause is manipulation of the argument sk which leads to the use of a hard-coded cryptographic key. The ...
CVE-2026-1958
Use of hard-coded credentials in Klinika XP and KlinikaXP Insertino allowed an unauthorized attacker access to several internal services. Critically, this included access to the FTP server that hosted the application's update packages. The attacker with these credentials could upload a malicious...
CVE-2026-1958 Hard-coded passwords in KlinikaXP
Use of hard-coded credentials in Klinika XP and KlinikaXP Insertino allowed an unauthorized attacker access to several internal services. Critically, this included access to the FTP server that hosted the application's update packages. The attacker with these credentials could upload a malicious...
CVE-2026-1958 Hard-coded passwords in KlinikaXP
Use of hard-coded credentials in Klinika XP and KlinikaXP Insertino allowed an unauthorized attacker access to several internal services. Critically, this included access to the FTP server that hosted the application's update packages. The attacker with these credentials could upload a malicious...
CVE-2026-1958
CVE-2026-1958 describes hard-coded credentials in KlinikaXP and KlinikaXP Insertino, enabling an unauthorized attacker to access internal services, notably the FTP server hosting update packages. The root cause is credentials embedded in the application, with exploitation potentially leading to u...