CVE-2013-5208

HR Systems Strategies info:HR HRIS 7.9 does not properly protect the database password, which allows local users to bypass intended database restrictions by accessing the USERPW registry key and bypassing an unspecified obfuscation technique...

Google OAuth Vulnerability Exposes Millions via Failed Startup Domains

New research has pulled back the curtain on a "deficiency" in Google's "Sign in with Google" authentication flow that exploits a quirk in domain ownership to gain access to sensitive data. "Google's OAuth login doesn't protect against someone purchasing a failed startup's domain and using it to...

CVE-2013-5208

HR Systems Strategies info:HR HRIS 7.9 does not properly protect the database password, which allows local users to bypass intended database restrictions by accessing the USERPW registry key and bypassing an unspecified obfuscation technique...

Design/Logic Flaw

HR Systems Strategies info:HR HRIS 7.9 does not properly protect the database password, which allows local users to bypass intended database restrictions by accessing the USERPW registry key and bypassing an unspecified obfuscation technique...

CVE-2013-5208

CVE-2013-5208 affects HR Systems Strategies info:HR HRIS 7.9, where the database password is stored in a registry key (USERPW) with weak obfuscation. This enables a local attacker to read/decipher the password and gain full control of the database and application, including access to PII. Vendor ...

CVE-2013-5208

HR Systems Strategies info:HR HRIS 7.9 does not properly protect the database password, which allows local users to bypass intended database restrictions by accessing the USERPW registry key and bypassing an unspecified obfuscation technique...