7551 matches found
CVE-2017-6351
The WePresent WiPG-1500 device with firmware 1.0.3.7 has a manufacturer account that has a hardcoded username / password. Once the device is set to DEBUG mode, an attacker can connect to the device using the telnet protocol and log into the device with the 'abarco' hardcoded manufacturer account...
CVE-2017-6351
The WePresent WiPG-1500 device with firmware 1.0.3.7 has a manufacturer account that has a hardcoded username / password. Once the device is set to DEBUG mode, an attacker can connect to the device using the telnet protocol and log into the device with the 'abarco' hardcoded manufacturer account...
CVE-2017-6351
The WePresent WiPG-1500 device with firmware 1.0.3.7 has a manufacturer account that has a hardcoded username / password. Once the device is set to DEBUG mode, an attacker can connect to the device using the telnet protocol and log into the device with the 'abarco' hardcoded manufacturer account...
CVE-2017-6351
WePresent WiPG-1500 devices (firmware up to 1.0.3.7) contain a hardcoded manufacturer account with a username/password. When DEBUG mode is enabled, an attacker can connect via telnet (port 5885) and log in using the hardcoded account abarco . This account is not documented, nor is the DEBUG featu...
CVE-2017-6403
An issue was discovered in Veritas NetBackup Before 8.0 and NetBackup Appliance Before 3.0. NetBackup Cloud Storage Service uses a hardcoded username and password...
Hardcoded credentials
An issue was discovered in Veritas NetBackup Before 8.0 and NetBackup Appliance Before 3.0. NetBackup Cloud Storage Service uses a hardcoded username and password...
Citrix Secure Mail - Customized SSL, Exported ContentProvider, Hardcoded secrets vulnerabilities
HackApp vulnerability scanner discovered that application Citrix Secure Mail published at the 'play' market has multiple vulnerabilities...
NETGEAR DGN2200v1v2v3v4 - dnslookup.cgi Remote Command Execution
NETGEAR DGN2200v1v2v3v4 - dnslookup.cgi Remote Command Execution !/usr/bin/python Provides access to default user account, privileges can be easily elevated by using either: - a kernel exploit ex. memodipper was tested and it worked - by executing /bin/bd suid backdoor present on SOME but not all...
Yappy - SMS on PC & Tablet - Dangerous filesystem permissions, Hardcoded secrets, MIT license vulnerabilities
HackApp vulnerability scanner discovered that application Yappy - SMS on PC & Tablet published at the 'play' market has multiple vulnerabilities...
Messaging SMS + MMS - Customized SSL, Dangerous filesystem permissions, Hardcoded secrets vulnerabilities
HackApp vulnerability scanner discovered that application Messaging SMS + MMS published at the 'play' market has multiple vulnerabilities...
QKSMS - Open Source SMS & MMS - Customized SSL, Hardcoded secrets vulnerabilities
HackApp vulnerability scanner discovered that application QKSMS - Open Source SMS & MMS published at the 'play' market has multiple vulnerabilities...
GO SMS Pro - Dangerous filesystem permissions, Exported ContentProvider, Hardcoded secrets vulnerabilities
HackApp vulnerability scanner discovered that application GO SMS Pro published at the 'play' market has multiple vulnerabilities...
AwSMS [BETA] - Customized SSL, Hardcoded secrets vulnerabilities
HackApp vulnerability scanner discovered that application AwSMS BETA published at the 'play' market has multiple vulnerabilities...
SMS+ (with Lock, Emoji, Spam) - Customized SSL, Hardcoded secrets, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application SMS+ with Lock, Emoji, Spam published at the 'play' market has multiple vulnerabilities...
EvolveSMS (Text Messaging) - Customized SSL, Dangerous filesystem permissions, Hardcoded secrets vulnerabilities
HackApp vulnerability scanner discovered that application EvolveSMS Text Messaging published at the 'play' market has multiple vulnerabilities...
YAATA SMS - Customized SSL, Exported ContentProvider, Hardcoded secrets vulnerabilities
HackApp vulnerability scanner discovered that application YAATA SMS published at the 'play' market has multiple vulnerabilities...
Candyland GO SMS - Dangerous filesystem permissions, Hardcoded secrets, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Candyland GO SMS published at the 'play' market has multiple vulnerabilities...
Hardcoded credentials
Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed attacker controlled JavaScript to be run during the invocation of a private script method, which allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML pag...
Hardcoded credentials
Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, resolved promises in an inappropriate context, which allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page...
Hardcoded credentials
Google Chrome prior to 56.0.2924.76 for Linux incorrectly handled new tab page navigations in non-selected tabs, which allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...