
26 matches found

CNNVD
added 2026/01/06 12:0 a.m. · 1 view

WordPress plugin Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin Security Feature Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. WordPress plugin...

6.5 CVSS · 6.4 AI score · 0.00142 EPSS
Exploits 0 · References 2
EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2014-3495

Malware in sbrugna...

4.3 CVSS · 7.5 AI score · 0.00403 EPSS
Exploits 0 · References 4
EUVD
added 2025/10/07 12:30 a.m. · 1 view

EUVD-2014-8355

Malware in sbrugna...

2.1 CVSS · 6.4 AI score · 0.00031 EPSS
Exploits 0 · References 2
Github Security Blog
added 2024/10/31 5:12 p.m. · 18 views

YesWiki Uses a Broken or Risky Cryptographic Algorithm

Summary: The use of a weak cryptographic algorithm and a hard-coded salt to hash the password reset key allows it to be recovered and used to reset the password of any account. Details: Firstly, the salt used to hash the password reset key is hard-coded in the includes/services/UserManager.php file...

9.9 CVSS · 6.8 AI score · 0.00157 EPSS
Exploits 1 · References 5 · Affected Software 1
OSV
added 2024/10/31 5:12 p.m. · 8 views

GHSA-4FVX-H823-38V3 YesWiki Uses a Broken or Risky Cryptographic Algorithm

Summary: The use of a weak cryptographic algorithm and a hard-coded salt to hash the password reset key allows it to be recovered and used to reset the password of any account. Details: Firstly, the salt used to hash the password reset key is hard-coded in the includes/services/UserManager.php file...

9.9 CVSS · 9.5 AI score · 0.00157 EPSS
Exploits 1 · References 5
Positive Technologies
added 2024/10/31 12:0 a.m. · 1 view

PT-2024-34645 · Yeswiki · Yeswiki

Name of the Vulnerable Software and Affected Versions: YesWiki versions prior to 4.4.5 Description: The use of a weak cryptographic algorithm and a hard-coded salt to hash the password reset key allows it to be recovered and used to reset the password of any account. This issue is due to the...

9.9 CVSS · 7.2 AI score · 0.00157 EPSS
Exploits 1 · References 12
Code423n4
added 2023/10/11 12:0 a.m. · 14 views

Deterministic proxy contract address with a hard-coded salt enables token theft.

Lines of code Vulnerability details Impact The retrieveProxyContractAddress function calculates the address of the proxy contract deterministically based only on the delegate address. An attacker could pre-compute proxy contract addresses for target delegates and steal tokens by transferring to...

6.9 AI score
Exploits 0
Huntr
added 2021/08/02 5:13 p.m. · 19 views

in star7th/showdoc

✍️ Description The referenced code contains a hard-coded salt that is used for all passwords, ideally - a unique salt should be generated for each password and then would be stored alongside it as opposed to the constant one that is used for all passwords in the showdoc repository. 🕵️‍♂️ Proof of...

4 CVSS · 0.2 AI score · 0.00099 EPSS
Exploits 1
CNVD
added 2019/01/18 12:0 a.m. · 1 view

Juniper ATP has an unspecified vulnerability (CNVD-2019-39196)

Juniper Advanced Threat Prevention ATP is a suite of advanced threat protection platforms from Juniper Networks. The product supports malware detection, file analysis, and malicious IP address and URL blocking. A security vulnerability exists in Juniper ATP version 5.0.3 prior to version 5.0, whi...

7.2 CVSS · 6.9 AI score · 0.00064 EPSS
Exploits 0 · References 1
CNVD
added 2018/03/21 12:0 a.m. · 1 view

Unspecified Vulnerability in DocuTrac QuicDoc and Office Therapy DTISQLInstaller.exe

DocuTrac QuicDoc and Office Therapy are both products of DocuTrac, Inc. DocuTrac QuicDoc is a behavioral health management software for healthcare teams. Office Therapy is an office practice management system. DTISQLInstaller.exe is one of the executable programs. A...

10 CVSS · 6.8 AI score · 0.00731 EPSS
Exploits 2 · References 1
NVD
added 2018/03/19 3:29 p.m. · 7 views

CVE-2018-5552

Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contain a hard-coded cryptographic salt, "S@l+&pepper"...

3.3 CVSS · 4 AI score · 0.00025 EPSS
Exploits 1 · References 1
OSV
added 2018/03/19 3:29 p.m. · 1 view

CVE-2018-5552

Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contain a hard-coded cryptographic salt, "S@l+&pepper"...

3.3 CVSS · 5.8 AI score · 0.00731 EPSS
Exploits 2 · References 1
Prion
added 2018/03/19 3:29 p.m. · 10 views

Hardcoded credentials

Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contain a hard-coded cryptographic salt, "S@l+&pepper"...

2.1 CVSS · 4.3 AI score · 0.00731 EPSS
Exploits 2 · References 1 · Affected Software 1
Cvelist
added 2018/03/19 3:0 p.m. · 10 views

CVE-2018-5552 DocuTrac DTISQLInstaller.exe Hard-Coded Salt

Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contain a hard-coded cryptographic salt, "S@l+&pepper"...

2.9 CVSS · 4.1 AI score · 0.00025 EPSS
Exploits 1 · References 1
Cvelist
added 2014/10/29 2:0 p.m. · 21 views

CVE-2014-8518

The (1) Removable Media and (2) CD and DVD encryption offsite access options (formerly Endpoint Encryption for Removable Media or EERM) in McAfee File and Removable Media Protection (FRP) 4.3.0.x, and Endpoint Encryption for Files and Folders (EEFF) 3.2.x through 4.2.x, uses a hard-coded salt, which makes ...

6.1 AI score · 0.00031 EPSS
Exploits 0 · References 1
NVD
added 2014/07/07 2:55 p.m. · 13 views

CVE-2014-3489

lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack...

4.3 CVSS · 6.4 AI score · 0.00403 EPSS
Exploits 0 · References 2
Cvelist
added 2014/07/07 2:0 p.m. · 24 views

CVE-2014-3489

lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack...

6.4 AI score · 0.00403 EPSS
Exploits 0 · References 2
CVE
added 2014/07/07 2:0 p.m. · 56 views

CVE-2014-3489

CVE-2014-3489 affects Red Hat CloudForms 3.0 Management Engine (CFME); lib/util/miq-password.rb uses a hard-coded salt, enabling easier brute-force guessing of stored passwords by remote attackers. Documented impact: password guessing via brute force; exposure depends on access to stored credenti...

4.3 CVSS · 6.5 AI score · 0.00403 EPSS
Exploits 0 · References 2 · Affected Software 1
Positive Technologies
added 2014/07/07 12:0 a.m. · 2 views

PT-2014-5355 · Red Hat · Red Hat Cloudforms

Name of the Vulnerable Software and Affected Versions: Red Hat CloudForms versions prior to 5.2.4.2 Description: The issue concerns the use of a hard-coded salt in a password management component, which could facilitate brute force attacks by remote attackers, making it easier to guess passwords...

4.3 CVSS · 7.4 AI score · 0.00403 EPSS
Exploits 0 · References 3
RedHat Linux
added 2014/06/30 6:59 p.m. · 3 views

CFME: Default salt value in miq-password.rb

lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack...

4.3 CVSS · 5.9 AI score · 0.00403 EPSS
Exploits 0 · References 4