28 matches found
CVE-2026-6345
Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13, 11.4.x = 11.4.3 fail prevent disclosure of created user password which allows a malicious attacker to impersonate a user via the use of some of those passwords.. Mattermost Advisory ID: MMSA-2026-00614...
CVE-2025-13498 Download Manager <= 3.3.32 - Missing Authorization to Authenticated (Subscriber+) Media Attachment Password Disclosure
The Download Manager plugin for WordPress is vulnerable to unauthorized access of sensitive information in all versions up to, and including, 3.3.32. This is due to missing authorization and capability checks on the wpdmmediaaccess AJAX action. This makes it possible for authenticated attackers,...
EUVD-2025-4638
Malicious code in bioql PyPI...
EUVD-2022-0510
Malicious code in bioql PyPI...
CVE-2024-5916 PAN-OS: Cleartext Exposure of External System Secrets
An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local system administrator to unintentionally disclose secrets, passwords, and tokens of external systems. A read-only administrator who has access to the config log, can read secrets, passwords, and tokens to...
FOGProject 安全漏洞
FOGProject is a free open source network computer cloning and management solution from FOGProject Open Source. It can be used to deploy and manage any desktop operating system. A security vulnerability exists in FOGProject version 1.5.10.41.2, which stems from the potential disclosure of AD...
ICT Protege GX和ICT Protege WX 安全漏洞
ICT Protege GX and ICT Protege WX are both products of ICT Corporation.ICT Protege GX is an enterprise-grade integrated access control, intruder detection, and building automation solution with an easy-to-operate, easy-to-integrate, and easy-to-scalable feature set.ICT Protege WX is a game-changi...
KLA11669 Multiple vulnerabilities in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, perform cross-site scripting attack. Below is a complete list of vulnerabilities: 1. A memory corruption...
CVE-2019-17106
In Centreon Web through 2.8.29, disclosure of external components' passwords allows authenticated attackers to move laterally to external components...
CVE-2019-17106
In Centreon Web through 2.8.29, disclosure of external components' passwords allows authenticated attackers to move laterally to external components...
Default configuration
The Airbrake Ruby notifier 4.2.3 for Airbrake mishandles the blacklistkeys configuration option and consequently may disclose passwords to unauthorized actors. This is fixed in 4.2.4 also, 4.2.2 and earlier are unaffected...
CVE-2019-13458
CVE-2019-13458 affects Open Ticket Request System (OTRS) and its Community Edition: 7.0.x (up to 7.0.8), 5.0.x (up to 5.0.36) and 6.0.x (up to 6.0.19). An attacker with an agent login and appropriate permissions can abuse OTRS notification tags in templates to disclose hashed user passwords. Publ...
SOCA Access Control System 180612 - Information Disclosure
Exploit for php platform in category web applications SOCA Access Control System 180612 Information Disclosure Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include proximity and fingerprint...
Shodanwave - Explore & Obtain Information from Netwave IP Camera
Shodanwave is a tool for exploring and obtaining information from cameras specifically Netwave IP Camera. The tool uses a search engine called shodan that makes it easy to search for cameras online but not only that. Hack network cameras around the world, Very fun! What does the tool to? Look, a...
LG DVR LE6016D - Unauthenticated Remote Users/Passwords Disclosure Exploit
Exploit for hardware platform in category web applications !/usr/bin/perl LG DVR LE6016D unauthenticated remote users/passwords disclosure exploit Copyright 2015 c Todor Donev http://www.ethical-hacker.org/ Digital video recorder DVR surveillance is the use of cameras, often hidden or concealed,...
Morpheus <= 4.8 - Local Chat Passwords Disclosure Exploit
No description provided by source. / Morpheus 4.8 Local Chat Passwords Disclosure Exploit by Kozan Application: Morpheus 4.8 and probably prior versions Vendor: Streamcast Networks - www.streamcastnetworks.com Vulnerable Description: Morpheus 4.8 discloses chat passwords to local users. Discovere...
Information disclosure
The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, 8.5.2.1, 9.0, and 9.0.0.1, when a certain com.ibm.collaboration.realtime.telephony..level setting is used, logs cleartext passwords during Audio/Video chat sessions, which allows local users to obtain sensitive information by...
Dream FTP Server 1.02 File Disclosure
!/usr/bin/perl -w This Bug Similar to others found By My Friend : Stack = so special Thanx So You Can Exploit Arbitrary File Disclosure From The Server == You can use Stack's Exploit To do That But This Exploit i will get Users & Passwords Of The applicatin From : users.dat : C:\Program...
BolinTech DreamFTP Server 1.02 - 'users.dat' Arbitrary File Disclosure
!/usr/bin/perl -w This Bug Similar to others found By My Friend : Stack = so special Thanx So You Can Exploit Arbitrary File Disclosure From The Server == You can use Stack's Exploit To do That But This Exploit i will get Users & Passwords Of The applicatin From : users.dat : C:\Program...
PeerFTP 5 Local Password Disclosure Exploit
No description provided by source. / PeerFTP5 Local Exploit by Kozan Application: PeerFTP5 Vendor: Acute Websight Incorporated http://www.acutewebsight.com/peerftp5.htm Vulnerable Description: PeerFTP5 discloses passwords to local users. Coded by: Kozan Credits to ATmaCA Web : www.netmagister.com...