18 matches found
CVE-2019-20457
An issue was discovered on Brother MFC-J491DW C1806180757 devices. The printer's web-interface password hash can be retrieved without authentication, because the response header of any failed login attempt returns an incomplete authorization cookie. The value of the authorization cookie is the MD...
EUVD-2009-0711
Malware in sbrugna...
CVE-2024-8933
CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability exists that could cause retrieval of password hash that could lead to denial of service and loss of confidentiality and integrity of controllers. To be successful, the attacker needs to...
CVE-2019-20457
The CVE-2019-20457 entry concerns Brother MFC-J491DW (firmware C1806180757). Affected component is the web interface where authentication can be bypassed to reveal the password hash. The underlying issue is that the response header after failed login attempts returns an incomplete authorization c...
IPMI 2.0 RAKP Remote SHA1 Password Hash Retrieval
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IPMI 2.0 RAKP Remote SHA1 Password Hash Retrieval', 'Description' = %q| This module identifies IPMI 2.0-compatible systems and attempts to retrie...
RHEL 8 : idm:DL1 (RHSA-2024:3759)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3759 advisory. Red Hat Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and...
U.S. Dept Of Defense: [CVE-2021-29156] LDAP Injection at https://██████
Description: https://█████ is vulnerable to CVE-2021-29156 References https://hackerone.com/reports/1278050 https://nvd.nist.gov/vuln/detail/CVE-2021-29156 https://portswigger.net/research/hidden-oauth-attack-vectors...
CVE-2017-12173
It was found that sssd's sysdbsearchuserbyupnres function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this fla...
CVE-2017-12173
CVE-2017-12173 affects sssd: the sysdb_search_user_by_upn_res() function did not sanitize requests when querying the local cache, with versions before 1.16.0 vulnerable to injection. In centralized login environments, if a password hash is cached for a user, an authenticated attacker could retrie...
EulerOS 2.0 SP1 : sssd (EulerOS-SA-2017-1324)
According to the version of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found that sssd's sysdbsearchuserbyupnres function did not sanitize requests when querying its local cache and was vulnerable to injection. In...
CVE-2013-0174
The external node classifier ENC API in Foreman before 1.1 allows remote attackers to obtain the hashed root password via an API request...
IPMI 2.0 RAKP Remote SHA1 Password Hash Retrieval
This module identifies IPMI 2.0-compatible systems and attempts to retrieve the HMAC-SHA1 password hashes of default usernames. The hashes can be stored in a file using the OUTPUTFILE option and then cracked using hmacsha1crack.rb in the tools subdirectory as well hashcat cpu 0.46 or newer using...
Arab Portal 2.2 (Auth Bypass) Blind SQL Injection Exploit
Exploit for unknown platform in category web applications ========================================================= Arab Portal 2.2 Auth Bypass Blind SQL Injection Exploit ========================================================= !/usr/bin/ruby ============================================= Arab...
TFT Gallery 0.10 - Password Disclosure
!/usr/bin/perl Copyright C undefined1 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or at your option any later version. This program is...
ASPNuke <= 0.80 (comment_post.asp) SQL Injection Exploit
Exploit for unknown platform in category web applications ======================================================== ASPNuke = 0.80 commentpost.asp SQL Injection Exploit ======================================================== !/usr/bin/perl -w SQL Injection Exploit for ASPNuke = 0.80 This exploit...
MyBloggie 2.1.1 2.1.2 - SQL Injection
MyBloggie 2.1.1 2.1.2 - SQL Injection !/usr/bin/perl -w SQL Injection Exploit for myBloggie 2.1.1 - 2.1.2 This exploit show the username of the administrator of the blog and his password crypted in MD5 Related advisories: Italian...
MyBulletinBoard (MyBB) <= 1.00 RC4 SQL Injection Exploit
Exploit for unknown platform in category web applications ======================================================== MyBulletinBoard MyBB .?/ && print "+ User ID is: $1\n"; print "- Unable to retrieve User ID\n" if!$1; $page = m/.?/ && print "+ MD5 hash of password is: $1\n"; print "- Unable to...
phpMyFamily 1.4.0 - SQL Injection
phpMyFamily 1.4.0 - SQL Injection !/usr/bin/perl -w phpMyFamily Exploit injection ============================== $banner = "phpMyFamily Exploit injection \n\n============================== \n\nINFGPG-Hacking&Security Research"; Greats: AresU 1st IndoSec Team,ADZ Security Team has discovered bugs...