Lucene search
K

15 matches found

OSV
OSV
added 2026/01/23 9:15 p.m.4 views

CVE-2025-52026

An information disclosure vulnerability exists in the /srvs/membersrv/getCashiers endpoint of the Aptsys gemscms backend platform thru 2025-05-28. This unauthenticated endpoint returns a list of cashier accounts, including names, email addresses, usernames, and passwords hashed using MD5. As MD5 ...

7.5CVSS5.9AI score0.00275EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-1003

Malware in sbrugna...

5CVSS6.2AI score0.01116EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-1883

Malware in sbrugna...

6.8CVSS6.4AI score0.01264EPSS
Exploits1References6
NVD
NVD
added 2020/05/04 2:15 p.m.26 views

CVE-2020-8791

The OKLOK 3.1.1 mobile companion app for Fingerprint Bluetooth Padlock FB50 2.3 allows remote attackers to submit API requests using authenticated but unauthorized tokens, resulting in IDOR issues. A remote attacker can use their own token to make unauthorized API requests on behalf of arbitrary...

6.5CVSS6.5AI score0.01022EPSS
Exploits1References1
NVD
NVD
added 2015/04/03 10:59 a.m.20 views

CVE-2015-0995

Inductive Automation Ignition 7.7.2 uses MD5 password hashes, which makes it easier for context-dependent attackers to obtain access via a brute-force attack...

5CVSS6.5AI score0.01116EPSS
Exploits0References1
Prion
Prion
added 2015/04/03 10:59 a.m.15 views

Default credentials

Inductive Automation Ignition 7.7.2 uses MD5 password hashes, which makes it easier for context-dependent attackers to obtain access via a brute-force attack...

5CVSS7AI score0.01116EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2013/08/16 2:1 p.m.28 views

CVE-2013-5097

Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly restrict access to the list of user accounts and their MD5 password hashes, which makes it easier for remote authenticated users to obtain sensitive information via a dictionary attack, a...

4CVSS5.9AI score0.0134EPSS
Exploits0References2
Prion
Prion
added 2013/08/16 2:1 p.m.25 views

Design/Logic Flaw

Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly restrict access to the list of user accounts and their MD5 password hashes, which makes it easier for remote authenticated users to obtain sensitive information via a dictionary attack, a...

4CVSS6.4AI score0.0134EPSS
Exploits0References2Affected Software1
Packet Storm
Packet Storm
added 2008/06/29 12:0 a.m.21 views

sebraccms-sql.txt

Name: SebracCMS Webiste: http://www.sebrac.netsons.org/cms/ Vulnerability type: SQL Injection Author: shinmai, 2008-06-28 Description: SebracCMS contains two major SQL injection vulnerabilities: Unsanitazed POST-variables in SQL queries when logging users in. This allows login access without prop...

7.4AI score
Exploits0
Prion
Prion
added 2008/04/18 3:5 p.m.14 views

Design/Logic Flaw

The server in Blackboard Academic Suite 7.x stores MD5 password hashes that are provided directly by clients, which makes it easier for remote attackers to access accounts via a modified client that skips the javascript/md5.js hash calculation, and instead sends an arbitrary MD5 string...

6.8CVSS7.4AI score0.01264EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2008/04/18 3:0 p.m.22 views

CVE-2008-1883

The server in Blackboard Academic Suite 7.x stores MD5 password hashes that are provided directly by clients, which makes it easier for remote attackers to access accounts via a modified client that skips the javascript/md5.js hash calculation, and instead sends an arbitrary MD5 string...

6.9AI score0.01264EPSS
Exploits1References5
0day.today
0day.today
added 2006/03/18 12:0 a.m.67 views

Nodez <= 4.6.1.1 Mercury Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ======================================================== Nodez = 4.6.1.1 Mercury Multiple Remote Vulnerabilities ======================================================== !/usr/bin/php -q -d shortopentag=on ? echo "Nodez 4.6.1.1 Mercury...

7.1AI score
Exploits0
NVD
NVD
added 2006/01/22 8:3 p.m.9 views

CVE-2006-0370

Noah Medling RCBlog 1.03 stores the data and config directories under the web root with insufficient access control, which allows remote attackers to view account names and MD5 password hashes...

5CVSS6.7AI score0.01721EPSS
Exploits1References7
Prion
Prion
added 2006/01/22 8:3 p.m.15 views

Improper access control

Noah Medling RCBlog 1.03 stores the data and config directories under the web root with insufficient access control, which allows remote attackers to view account names and MD5 password hashes...

5CVSS7AI score0.01721EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2006/01/22 8:0 p.m.25 views

CVE-2006-0370

Noah Medling RCBlog 1.03 stores the data and config directories under the web root with insufficient access control, which allows remote attackers to view account names and MD5 password hashes...

6.7AI score0.01721EPSS
Exploits1References7
Rows per page
Query Builder