CVE-2025-11855

The age-restriction WordPress plugin through 3.0.2 does not have authorisation in the agerestrictionRemoteSupportRequest function, allowing any authenticated users, such as subscriber to create an admin user with a hardcoded username and arbitrary password...

EUVD-2025-74047

The age-restriction WordPress plugin through 3.0.2 does not have authorisation in the agerestrictionRemoteSupportRequest function, allowing any authenticated users, such as subscriber to create an admin user with a hardcoded username and arbitrary password...

CVE-2025-11855

The age-restriction WordPress plugin through 3.0.2 does not have authorisation in the agerestrictionRemoteSupportRequest function, allowing any authenticated users, such as subscriber to create an admin user with a hardcoded username and arbitrary password...

EUVD-2005-1839

Malware in sbrugna...

EUVD-2013-6805

Malware in sbrugna...

CVE-2019-20025

Certain builds of NEC SV9100 software could allow an unauthenticated, remote attacker to log into a device running an affected release with a hardcoded username and password, aka a Static Credential Vulnerability. The vulnerability is due to an undocumented user account with manufacturer privileg...

CVE-2020-13804

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows information disclosure of a hardcoded username and password in the DocuSign plugin...

CVE-2017-6351

The WePresent WiPG-1500 device with firmware 1.0.3.7 has a manufacturer account that has a hardcoded username / password. Once the device is set to DEBUG mode, an attacker can connect to the device using the telnet protocol and log into the device with the 'abarco' hardcoded manufacturer account...

CVE-2017-6351

The WePresent WiPG-1500 device with firmware 1.0.3.7 has a manufacturer account that has a hardcoded username / password. Once the device is set to DEBUG mode, an attacker can connect to the device using the telnet protocol and log into the device with the 'abarco' hardcoded manufacturer account...

CVE-2017-6351

WePresent WiPG-1500 devices (firmware up to 1.0.3.7) contain a hardcoded manufacturer account with a username/password. When DEBUG mode is enabled, an attacker can connect via telnet (port 5885) and log in using the hardcoded account abarco . This account is not documented, nor is the DEBUG featu...

Oracle VM Server Virtual Server Agent Command Injection

No description provided by source. $Id: oraclevmagentutl.rb 10821 2010-10-25 20:58:49Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms o...

CVE-2005-1837

Affected product: Fortinet FortiOS 2.x Fortinet firewall. Vulnerability: Hardcoded username with the password set to the device serial number, enabling local users with console access to gain privileges. Impact: Privilege escalation to higher privileges for local attackers. Root cause: Credential...

CVE-2005-1837

Fortinet firewall running FortiOS 2.x contains a hardcoded username with the password set to the serial number, which allows local users with console access to gain privileges...

CVE-2004-2557

NetGear WG602 aka WG602v1 Wireless Access Point 1.7.14 has a hardcoded account of username "superman" and password "21241036", which allows remote attackers to modify the configuration...

CVE-2004-0391

Cisco Wireless LAN Solution Engine WLSE 2.0 through 2.5 and Hosting Solution Engine HSE 1.7 through 1.7.3 have a hardcoded username and password, which allows remote attackers to add new users, modify existing users, and change configuration...