13 matches found
CVE-1999-0498
TFTP is not running in a restricted directory, allowing a remote attacker to access sensitive information such as password files...
CVE-2024-58302
FoF Pretty Mail 1.1.2 contains a local file inclusion vulnerability that allows administrative users to include arbitrary server files in email templates. Attackers can exploit the template settings by inserting file inclusion payloads to read sensitive system files like /etc/passwd during email...
EUVD-2017-5181
Malware in sbrugna...
EUVD-2022-39762
Malicious code in bioql PyPI...
Tenda CP3 Pro 安全漏洞
Tenda CP3 Pro is a smart wireless PTZ camera that combines 360° panoramic surveillance, 3MP HD camera, and Wi-Fi 6 network technology, and supports human/pet detection, cry detection, and one-button calling. Tenda CP3 Pro suffers from a security vulnerability that originates from the presence of ...
PT-2024-13698 · Precor · Precor Touchscreen Console
Name of the Vulnerable Software and Affected Versions: Precor touchscreen console versions P62, P80, and P82 Description: The issue allows a remote attacker to obtain sensitive information because the root password is stored in /etc/passwd. An attacker could exploit this to extract files and obta...
CVE-2021-37187
An issue was discovered on Digi TransPort devices through 2021-07-21. An authenticated attacker may read a password file with reversible passwords from the device, which allows decoding of other users' passwords...
Design/Logic Flaw
Password file exposure in firmware in iSmartAlarm CubeOne version 2.2.4.8 and earlier allows attackers to execute arbitrary commands with administrative privileges by retrieving credentials from this file...
CVE-2017-13664
CVE-2017-13664 affects iSmartAlarm CubeOne firmware prior to 2.2.4.8. The issue: a password file exposure in the firmware enables an attacker to retrieve credentials and execute arbitrary commands with administrative privileges. Impact described as arbitrary command execution with admin rights, e...
CVE-2017-13664
Password file exposure in firmware in iSmartAlarm CubeOne version 2.2.4.8 and earlier allows attackers to execute arbitrary commands with administrative privileges by retrieving credentials from this file...
Ikonboard v2.1.7b "show files" vulnerability
Product: Ikonboard - Version: 2.1.7b - OS: Unix, NT - Vendor: Notified, http://www.ikonboard.com -= Summary =- This is another bug in the Ikonboard. Anyone can read any file on the remote system with the privileges of the web server. -= Problem =- File: help.cgi ---L.44--- $inhelpon = $query -...
WWWBoard passwd.txt Authentication Credential Disclosure
The remote host is running WWWBoard, a bulletin board system written by Matt Wright. This board system comes with a password file passwd.txt installed next to the file 'wwwboard.html'. An attacker may obtain the contents of this file and decode the password to modify the remote www board...
PT-1999-1187 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The NFS exports system-critical data to the world, including sensitive directories like the root directory / or a password file. Recommendations: At the moment, there is no information...