CVE-2022-44097
CVE-2022-44097 affects Book Store Management System v1.0. The vulnerability arises from hardcoded credentials in the system, enabling attackers to escalate privileges and gain access to the admin panel. This is supported by multiple connected sources (RH Red Hat, NVD, CNNVD and others) describing...
PT-2022-27109 · Unknown · Book Store Management System
Name of the Vulnerable Software and Affected Versions: Book Store Management System version 1.0 Description: The issue concerns hardcoded credentials in the system, allowing attackers to escalate privileges and access the admin panel. Recommendations: For Book Store Management System version 1.0,...
CVE-2022-44096
Sanitization Management System v1.0 was discovered to contain hardcoded credentials which allows attackers to escalate privileges and access the admin panel...
CVE-2022-44096
CVE-2022-44096 affects Sanitization Management System v1.0. The issue is due to hardcoded credentials in the system, enabling privilege escalation and admin-panel access. Multiple connected sources corroborate the vulnerability, including Red Hat and PT Security, which note credential leakage as ...
PT-2022-27108 · Unknown · Sanitization Management System
Name of the Vulnerable Software and Affected Versions: Sanitization Management System version 1.0 Description: The issue concerns hardcoded credentials in the system, allowing attackers to escalate privileges and access the admin panel. Recommendations: For Sanitization Management System version...
Hardcoded credentials
RTL8111EP-CG/RTL8111FP-CG DASH function has a hard-coded password. An unauthenticated physical attacker can use the hard-coded default password during a system reboot triggered by another user to acquire partial system information such as serial number and server information...
Hardcoded credentials
Browsershot version 3.57.2 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate that the HTML content passed to the Browsershot::html method does not contain URLs that use the file:// protocol...
Hardcoded credentials
Use of Hard-coded Password vulnerability in Mitsubishi Electric Corporation GX Works3 versions from 1.015R to 1.095Z allows a remote unauthenticated attacker to obtain information about the project file for MELSEC safety CPU modules...
Hardcoded credentials
Use of Hard-coded Password vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.090U and GT Designer3 Version1 GOT2000 versions from 1.122C to 1.290C allows an unauthenticated attacker to disclose sensitive information. As a result, unauthenticated users may view programs and...
Hardcoded credentials
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated attackers may view programs and project file or execute programs illegally...
GitLab Hardcoded Credentials (CVE-2022-1162)
A hardcoded credentials vulnerability exists in GitLab. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized access into the affected system...
PT-2022-6022 · Zyxel · Zyxel LTE3301-M209
Name of the Vulnerable Software and Affected Versions: Zyxel LTE3301-M209 versions prior to V1.00ABLG.6C0 Description: A flaw in the Zyxel LTE3301-M209 firmware could allow a remote attacker to access the device using an improper pre-configured password if the remote administration feature has be...
Hardcoded credentials
It was discovered that Kibana was not sanitizing document fields containing HTML snippets. Using this vulnerability, an attacker with the ability to write documents to an elasticsearch index could inject HTML. When the Discover app highlighted a search term containing the HTML, it would be render...
Backdoor.Win32.Quux MVID-2022-0656 Hardcoded Credential
Discovery / credits: Malvuln - John Page (aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/13ce53de9ca4c4e6c58f990b442cb419.txt Media: twitter.com/malvuln Threat: Backdoor.Win32.Quux Vulnerability: Weak Hardcoded Credentials Family: Quux Type: PE32 MD5:...
Hardcoded credentials
DMA transactions which are targeted at input buffers used for the software SMI handler used by the IdeBusDxe driver could cause SMRAM corruption through a TOCTOU attack...
Hardcoded credentials
All versions of ETIC Telecom Remote Access Server RAS 4.5.0 and prior are vulnerable to malicious file upload. An attacker could take advantage of this to store malicious files on the server, which could override sensitive and useful existing files on the filesystem, fill the hard disk to full...
CVE-2021-34577
In the Kaden PICOFLUX AiR water meter an adversary can read the values through wireless M-Bus mode 5 with a hardcoded shared key while being adjacent to the device...
Hardcoded credentials
In the Kaden PICOFLUX AiR water meter an adversary can read the values through wireless M-Bus mode 5 with a hardcoded shared key while being adjacent to the device...
CVE-2021-34577 Hardcoded credentials in Kaden PICOFLUX AiR
In the Kaden PICOFLUX AiR water meter an adversary can read the values through wireless M-Bus mode 5 with a hardcoded shared key while being adjacent to the device...