CVE-2016-4520

Schneider Electric Pelco Digital Sentry Video Management System with firmware before 7.14 has hardcoded credentials, which allows remote attackers to obtain access, and consequently execute arbitrary code, via unspecified vectors...

Hardcoded credentials

Schneider Electric Pelco Digital Sentry Video Management System with firmware before 7.14 has hardcoded credentials, which allows remote attackers to obtain access, and consequently execute arbitrary code, via unspecified vectors...

CVE-2016-4520

Schneider Electric Pelco Digital Sentry Video Management System with firmware before 7.14 has hardcoded credentials, which allows remote attackers to obtain access, and consequently execute arbitrary code, via unspecified vectors...

CVE-2016-4520

CVE-2016-4520 affects Schneider Electric Pelco Digital Sentry Video Management System with firmware before 7.14, which contains hard-coded credentials that may allow remote attackers to gain access and, consequently, execute arbitrary code. The vulnerability is exploitable remotely over the netwo...

GSX Analyzer 10.12 / 11 - main.swf Hardcoded Superadmin Credentials

Exploit for windows platform in category web applications Exploit Title: GSX Analyzer hardcoded superadmin credentials in Main.swf Google Dork: inurl:"/Main.swf?cachebuster=" need to manually look for stringtitle "Loading GSX Analyzer ... 0%" Date: 12-07-16 Exploit Author: ndevnull Vendor Homepag...

GSX Analyzer 10.12 / 11 Backdoor Account

Exploit Title: GSX Analyzer hardcoded superadmin credentials in Main.swf Google Dork: inurl:"/Main.swf?cachebuster=" need to manually look for stringtitle "Loading GSX Analyzer ... 0%" Date: 12-07-16 Exploit Author: ndevnull Vendor Homepage: http://www.gsx.com/products/gsx-analyzer Software Link:...

Hardcoded credentials

Fonality previously trixbox Pro 12.6 through 14.1i before 2016-06-01 has a hardcoded password for the FTP account, which allows remote attackers to obtain access via a 1 FTP or 2 SSH connection...

Hardcoded credentials

NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier use the same hardcoded private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from...

Hardcoded credentials

The Chrome HUDweb plugin before 2016-05-05 for Fonality previously trixbox Pro 12.6 through 14.1i uses the same hardcoded private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from...

WooCommerce plugin for WordPress: source code security analysis report

Several vulnerabilities were discovered in WooThemes 'WooCommerce plugin for WordPress' software: File System Path Manipulation Using Global Variables Incorrect Newline Symbol Filtration in HTTP-response Headers Hardcoded Credentials...

CVE-2016-4328

MEDHOST Perioperative Information Management System aka PIMS or VPIMS before 2015R1 has hardcoded credentials, which makes it easier for remote attackers to obtain sensitive information via direct requests to the application database server...

Hardcoded credentials

MEDHOST Perioperative Information Management System aka PIMS or VPIMS before 2015R1 has hardcoded credentials, which makes it easier for remote attackers to obtain sensitive information via direct requests to the application database server...

CVE-2016-4328

MEDHOST Perioperative Information Management System aka PIMS or VPIMS before 2015R1 has hardcoded credentials, which makes it easier for remote attackers to obtain sensitive information via direct requests to the application database server...

CVE-2016-4328

CVE-2016-4328 affects MEDHOST PIMS (and related MEDHOST components) before 2015R1, where hard-coded credentials grant direct access to the customer database via the application server. Affected components include PIMS/VPIMS, with the CVSS indicating Critical impact (C/H, I/H, A/H) and NETWORK acc...

CVE-2016-2310

General Electric GE Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware before 5.5.0 and ML810, ML3000, and ML3100 switches with firmware before 5.5.0k have hardcoded credentials, which allows remote attackers to modify configuration settings via the web interface...

CVE-2016-2310

General Electric GE Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware before 5.5.0 and ML810, ML3000, and ML3100 switches with firmware before 5.5.0k have hardcoded credentials, which allows remote attackers to modify configuration settings via the web interface...

Hardcoded credentials

General Electric GE Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware before 5.5.0 and ML810, ML3000, and ML3100 switches with firmware before 5.5.0k have hardcoded credentials, which allows remote attackers to modify configuration settings via the web interface...

CVE-2016-2310

General Electric GE Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware before 5.5.0 and ML810, ML3000, and ML3100 switches with firmware before 5.5.0k have hardcoded credentials, which allows remote attackers to modify configuration settings via the web interface...

CVE-2016-2310

The CVE-2016-2310 issue affects GE Multilink switches (ML800, ML1200, ML1600, ML2400) with firmware before 5.5.0 and (ML810, ML3000, ML3100) with firmware before 5.5.0k. The underlying root cause is hardcoded credentials that allow remote attackers to modify configuration settings via the web int...

CVE-2016-4521

Sixnet BT-5xxx and BT-6xxx M2M devices before 3.8.21 and 3.9.x before 3.9.8 have hardcoded credentials, which allows remote attackers to obtain access via unspecified vectors...