20 matches found
EUVD-2021-15176
Malware in sbrugna...
EUVD-2020-0064
Malware in sbrugna...
EUVD-2021-15177
Malware in sbrugna...
CVE-2019-10682
django-nopassword before 5.0.0 stores cleartext secrets in the database...
phpMyAdmin Improper Privilege Management
An issue was discovered in libraries/common.inc.php in phpMyAdmin 4.0 before 4.0.10.20, 4.4.x, 4.6.x, and 4.7.0 prereleases. The restrictions caused by $cfg'Servers'$i'AllowNoPassword' = false are bypassed under certain PHP versions e.g., version 5. This can allow the login of users who have no...
GHSA-5868-G58J-VRJ5 phpMyAdmin Improper Privilege Management
An issue was discovered in libraries/common.inc.php in phpMyAdmin 4.0 before 4.0.10.20, 4.4.x, 4.6.x, and 4.7.0 prereleases. The restrictions caused by $cfg'Servers'$i'AllowNoPassword' = false are bypassed under certain PHP versions e.g., version 5. This can allow the login of users who have no...
CVE-2021-28500
An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration...
CVE-2021-28501
An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration...
CVE-2021-28500
An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration...
Design/Logic Flaw
An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration...
CVE-2021-28500
CVE-2021-28500 affects Arista EOS; root cause is incorrect use of EOS AAA APIs by OpenConfig gNMI/gNOI and TerminAttr, allowing unrestricted device access for local nopassword users. Affected EOS releases span multiple trains; exploitation could occur when OpenConfig gNMI/gNOI is enabled (and/or ...
GHSA-37CF-R3W2-GJFW django-nopassword stores secrets in cleartext
django-nopassword before 5.0.0 stores cleartext secrets in the database...
django-nopassword stores secrets in cleartext
django-nopassword before 5.0.0 stores cleartext secrets in the database...
CVE-2019-10682
django-nopassword before 5.0.0 stores cleartext secrets in the database...
PYSEC-2020-229
django-nopassword before 5.0.0 stores cleartext secrets in the database...
PYSEC-2020-229
django-nopassword before 5.0.0 stores cleartext secrets in the database...
Default credentials
django-nopassword before 5.0.0 stores cleartext secrets in the database...
CVE-2019-10682
django-nopassword before 5.0.0 stores cleartext secrets in the database...
CVE-2019-10682
CVE-2019-10682 affects django-nopassword prior to 5.0.0, where cleartext secrets are stored in the database. The connected documents confirm this behavior but do not provide exploit details or remediation steps. The material indicates the impact is sensitive information disclosure due to the plai...
NoPassword by WiActs - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application NoPassword by WiActs published at the 'play' market has multiple vulnerabilities...