7 matches found
CVE-2026-8926
When asking curl to use a .netrc file to find credentials and at the same time specifying a URL with a usernamewithout a password, like https://[email protected]/, curl could wrongly get and use the password for another user set in the .netrc file for that host if such a one exists and there is no...
EUVD-2026-41507
When asking curl to use a .netrc file to find credentials and at the same time specifying a URL with a usernamewithout a password, like https://[email protected]/, curl could wrongly get and use the password for another user set in the .netrc file for that host if such a one exists and there is no...
CVE-2020-28052
An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password, allowing incorrect passwords to indicate they were matching with previously hashed ones that were different...
CVE-2019-18615
In CloudVision Portal CVP for all releases in the 2018.2 Train, under certain conditions, the application logs user passwords in plain text for certain API calls, potentially leading to user password exposure. This only affects CVP environments where: 1. Devices have enable mode passwords which a...
Starbucks: Unable to register in starbucks IN app
unable to register since the passwords are unable to match.Check the attachment...
Joomla! 3.6.4 - Admin TakeOver Exploit
Exploit for php platform in category web applications !/usr/bin/python3 CVE-2016-9838: Joomla! = 3.6.4 Admin TakeOver cf import bs4 import requests import random ADMINID = 384 url = 'http://vmweb.lan/Joomla-3.6.4/' formurl = url + 'index.php/component/users/?view=registration' actionurl = url +...
Asterisk user account enumeration
Different replies on mismatched usernames and passwords...