5 matches found
EUVD-2022-29898
Malicious code in bioql PyPI...
CVE-2025-52543 Login to the application services using only the password hash
E3 Site Supervisor Control firmware version 2.31F01 application services MGW and RCI uses client side hashing for authentication. An attacker can authenticate by obtaining only the password hash...
CVE-2023-33243
RedTeam Pentesting discovered that the web interface of STARFACE as well as its REST API allows authentication using the SHA512 hash of the password instead of the cleartext password. While storing password hashes instead of cleartext passwords in an application's database generally has become be...
Multiple vulnerabilities in EXPRESSCLUSTER X
Overview WebManager/Cluster WebUI of EXPRESSCLUSTER X provided by NEC Corporation contains multiple vulnerabilities listed below. Missing authorization CWE-862 - CVE-2023-39544 Files or directories accessible to external parties CWE-552 - CVE-2023-39545 Use of password hash instead of password fo...
CVE-2017-7927
A Use of Password Hash Instead of Password for Authentication issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX, DH-SD6CXX, DH-NVR1XXX, DH-HCVR4XXX, DH-HCVR5XXX, DHI-HCVR51A04HE-S3,...