EUVD-2026-5093

The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 Server: less than 21.1090.1...

CVE-2026-25202

The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 Server: less than 21.1090.1...

SAMSUNG MagicINFO 9 Server 安全漏洞

SAMSUNG MagicINFO 9 Server is an enterprise-level digital signage content management and device monitoring platform developed by South Korean company Samsung. Previous versions of SAMSUNG MagicINFO 9 Server, such as 21.1090.1, contained security vulnerabilities. These vulnerabilities stemmed from...

PT-2026-5607

Name of the Vulnerable Software and Affected Versions MagicINFO 9 Server versions prior to 21.1090.1 Description The database account and password are hardcoded, which allows login with the account to manipulate the database. This compromises the integrity and confidentiality of the database...

CVE-2025-40537

SolarWinds Web Help Desk was found to be susceptible to a hardcoded credentials vulnerability that, under certain situations, could allow access to administrative functions...

xtream-ui-security-audit

🔐 Xtream UI Security Audit & Exploitation Framework !Python...

CVE-2026-24840

Dokploy is a free, self-hostable Platform as a Service PaaS. In versions prior to 0.26.6, a hardcoded credential in the provided installation script located at https://dokploy.com/install.sh, line 154 uses a hardcoded password when creating the database container. This means that nearly all Dokpl...

CVE-2025-40537

SolarWinds Web Help Desk was found to be susceptible to a hardcoded credentials vulnerability that, under certain situations, could allow access to administrative functions...

CVE-2025-40537

SolarWinds Web Help Desk was found to be susceptible to a hardcoded credentials vulnerability that, under certain situations, could allow access to administrative functions...

CVE-2025-40537 SolarWinds Web Help Desk Hardcoded Credentials Vulnerability

SolarWinds Web Help Desk was found to be susceptible to a hardcoded credentials vulnerability that, under certain situations, could allow access to administrative functions...

EUVD-2025-206422

SolarWinds Web Help Desk was found to be susceptible to a hardcoded credentials vulnerability that, under certain situations, could allow access to administrative functions...

CVE-2025-40537

SolarWinds Web Help Desk (WHD) is affected by CVE-2025-40537, a hard-coded credentials vulnerability that could allow access to administrative functions. The issue is addressed in WHD version 2026.1 (fixes for multiple WHD flaws, including 40537). The CVE is discussed alongside related WHD flaws ...

CVE-2025-40537 SolarWinds Web Help Desk Hardcoded Credentials Vulnerability

SolarWinds Web Help Desk was found to be susceptible to a hardcoded credentials vulnerability that, under certain situations, could allow access to administrative functions...

CVE-2025-40537

SolarWinds Web Help Desk was found to be susceptible to a hardcoded credentials vulnerability that, under certain situations, could allow access to administrative functions...

CVE-2026-24840 Dokploy uses hardcoded credentials in installation script, which could result in database access

Dokploy is a free, self-hostable Platform as a Service PaaS. In versions prior to 0.26.6, a hardcoded credential in the provided installation script located at https://dokploy.com/install.sh, line 154 uses a hardcoded password when creating the database container. This means that nearly all Dokpl...

CVE-2026-24840

CVE-2026-24840 affects Dokploy PaaS. In versions prior to 0.26.6, the installation script at install.sh contains a hardcoded database credential (line 154), causing nearly all deployments to share the same password and enabling potential compromise of the database container. Red Hat/NVD/CVE listi...

CVE-2026-24840 Dokploy uses hardcoded credentials in installation script, which could result in database access

Dokploy is a free, self-hostable Platform as a Service PaaS. In versions prior to 0.26.6, a hardcoded credential in the provided installation script located at https://dokploy.com/install.sh, line 154 uses a hardcoded password when creating the database container. This means that nearly all Dokpl...

PT-2026-5072

Name of the Vulnerable Software and Affected Versions SolarWinds Web Help Desk versions prior to 12.8.1 Description SolarWinds Web Help Desk is susceptible to a hardcoded credentials issue that, in certain scenarios, could allow access to administrative functions. Attackers can identify exposed...

CVE-2025-59091

Multiple hardcoded credentials have been identified, which are allowed to sign-in to the exos 9300 datapoint server running on port 1004 and 1005. This server is used for relaying status information from and to the Access Managers. This information, among other things, is used to graphically...

CVE-2025-59103

The Access Manager 92xx in hardware revision K7 is based on Linux instead of Windows CE embedded in older hardware revisions. In this new hardware revision it was noticed that an SSH service is exposed on port 22. By analyzing the firmware of the devices, it was noticed that there are two users...