CVE-2011-0756

The application server in Trustwave WebDefend Enterprise before 5.0 uses hardcoded console credentials, which makes it easier for remote attackers to read security-event data by using the remote console GUI to connect to the management port...

CVE-2011-0756

Trustwave WebDefend Enterprise before 5.0 uses hardcoded console credentials in the application server, allowing remote attackers to connect via the management port through the remote console GUI and read security-event data. The linked Red Hat advisory confirms the same issue as CVE-2011-0756, a...

Hardcoded credentials

Kernel/Output/HTML/CustomerNewTicketQueueSelectionGeneric.pm in Open Ticket Request System OTRS before 2.2.6, when the CustomerPanelOwnSelection and CustomerGroupSupport options are enabled, allows remote authenticated users to bypass intended access restrictions, and perform certain 1 list and 2...

Hardcoded credentials

Google Chrome before 9.0.597.107 does not properly handle XHTML documents, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale nodes."...

Hardcoded credentials

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of anchors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document...

Hardcoded credentials

Piwik before 1.1 does not prevent the rendering of the login form inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site...

ProFTPd 1.3.3c - Compromised Source Backdoor Remote Code Execution

== ProFTPD Compromise Report == On Sunday, the 28th of November 2010 around 20:00 UTC the main distribution server of the ProFTPD project was compromised. The attackers most likely used an unpatched security issue in the FTP daemon to gain access to the server and used their privileges to replace...

Hardcoded Password, Other Critical Bugs Found in Cisco UVC Software

There is a series of vulnerabilities in Cisco’s Unified Videoconferencing product, including a hardcoded password for several powerful accounts that can’t be changed or deleted. That bug and others disclosed Wednesday can be used to gain complete control of the device and possibly compromise othe...

Cisco Unified Videoconferencing multiple security vulnerabilities

Hardcoded user accounts, command execution, unauthorized access, password storing in reversible encryption, weak permissions, session hijacking, information leaks...

Google Android 2.0 2.1 - Code Execution (Reverse Shell 10.0.2.2:2222TCP)

Google Android 2.0 2.1 - Code Execution Reverse Shell 10.0.2.2:2222TCP // bug = webkit code execution CVE-2010-1807 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1807 // listed as a safari bug but also works on android : //tested = moto droid 2.0.1 , moto droid 2.1 , emulater 2.0 - 2.1...

Hardcoded credentials

Opera before 10.63 allows remote attackers to cause a denial of service application crash via a Flash movie with a transparent Window Mode aka wmode property, which is not properly handled during navigation away from the containing HTML document...

Hardcoded credentials

Google Chrome before 7.0.517.41 does not properly handle forms, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted HTML document...

win32/xp pro sp3 (EN) 32-bit - add new local administrator 113 bytes

Exploit for win32 platform in category shellcode ==================================================================== win32/xp pro sp3 EN 32-bit - add new local administrator 113 bytes ==================================================================== / Title: win32/xp pro sp3 EN 32-bit - add n...

win32/xp pro sp3 EN 32-bit - add new local administrator 113 bytes

win32/xp pro sp3 EN 32-bit - add new local administrator 113 bytes. Shellcode exploit for windows platform / Title: win32/xp pro sp3 EN 32-bit - add new local administrator 113 bytes Author: Anastasios Monachos secuid0 - anastasiosmatgmaildotcom Method: Hardcoded opcodes kernel32.winexec@7c8623ad...

Hardcoded credentials

loader/DocumentThreadableLoader.cpp in the XMLHttpRequest implementation in WebCore in WebKit before r58409 does not properly handle credentials during a cross-origin synchronous request, which has unspecified impact and remote attack vectors, aka rdar problem 7905150...

CVE-2010-2966

The INCLUDESECURITY functionality in Wind River VxWorks 6.x, 5.x, and earlier uses the LOGINUSERNAME and LOGINUSERPASSWORD aka LOGINPASSWORD parameters to create hardcoded credentials, which makes it easier for remote attackers to obtain access via a 1 telnet, 2 rlogin, or 3 FTP session...

Hardcoded credentials

The INCLUDESECURITY functionality in Wind River VxWorks 6.x, 5.x, and earlier uses the LOGINUSERNAME and LOGINUSERPASSWORD aka LOGINPASSWORD parameters to create hardcoded credentials, which makes it easier for remote attackers to obtain access via a 1 telnet, 2 rlogin, or 3 FTP session...

CVE-2010-2966

The CVE-2010-2966 issue affects Wind River VxWorks 6.x, 5.x, and earlier where INCLUDE_SECURITY uses LOGIN_USER_NAME and LOGIN_USER_PASSWORD (LOGIN_PASSWORD) to create hardcoded credentials. This enables remote authentication for (1) telnet, (2) rlogin, or (3) FTP sessions. Root cause is hardcode...

Microsoft Excel Stack Overflow

This is an exploit for MS10-038/CVE-2010-0822 Everything is hardcoded! winxp sp3 webDEViL w3bd3vilatgmaildot.com http://krash.in/excel1.xls Office 2007 - 12.0.4518.1014 MS10-038 bulletin states that Office 2007 is not vulnerable, lol import binascii...

Microsoft Excel 0x5D record Stack Overflow Vulnerability

No description provided by source. This is an exploit for MS10-038/CVE-2010-0822 Everything is hardcoded! winxp sp3 webDEViL w3bd3vilatgmaildot.com http://krash.in/excel1.xls Office 2007 - 12.0.4518.1014 MS10-038 bulletin states that Office 2007 is not vulnerable, lol import binascii...