Lucene search
K

1001 matches found

Cvelist
Cvelist
added 2005/08/17 4:0 a.m.15 views

CVE-2004-2400

WinFTP Server 1.6 stores username and password credentials in plaintext in the data\user.wfd file, which allows local users to gain access to the credentials...

6.7AI score0.00336EPSS
Exploits0References5
CVE
CVE
added 2005/07/27 4:0 a.m.61 views

CVE-2005-2395

Affected software: Mozilla Firefox 1.0.4 and 1.0.5. Vulnerability type / cause: Firefox may not select the strongest available HTTP authentication challenge as required by RFC2617, potentially causing credentials to be sent in plaintext even when an encrypted channel exists. Impact (as stated): c...

5CVSS6.7AI score0.02375EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2005/04/13 4:0 a.m.35 views

CVE-2005-1094

CVE-2005-1094 affects FTP Now 2.6.14, where usernames and passwords are stored in plaintext in sites.xml and are world-readable. This constitutes a local privilege escalation risk for any local user able to read that file. The description does not provide exploit details, affected versions beyond...

4.6CVSS7AI score0.00744EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/04/13 4:0 a.m.18 views

CVE-2005-1092

Lightspeed DeluxeFTP 6.01 stores usernames and passwords in plaintext in sites.xml, which is world-readable, which allows local users to gain privileges...

6.6AI score0.00874EPSS
Exploits1References4
CVE
CVE
added 2005/04/13 4:0 a.m.45 views

CVE-2005-1092

Lightspeed DeluxeFTP 6.01 stores usernames and passwords in plaintext in sites.xml, which is world-readable. This allows local users to access credentials and potentially gain privileges. No explicit exploit details or fixed version are provided in the connected documents; remediation is not spec...

7.2CVSS7AI score0.00874EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2005/03/01 5:0 a.m.14 views

CVE-2005-0604

lnss.exe in GFI Languard Network Security Scanner 5.0 stores the username and password in memory in plaintext, which could allow local administrators to obtain domain administrator credentials...

6.4AI score0.00416EPSS
Exploits1References2
NVD
NVD
added 2005/01/10 5:0 a.m.29 views

CVE-2004-1171

KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are 1 manually entered by the user or 2 created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-readable permissions, which could allow local users to...

2.1CVSS6.3AI score0.0045EPSS
Exploits0References16
securityvulns
securityvulns
added 2005/01/06 12:0 a.m.31 views

IBM DB2 Windows Permission Problems (#NISR05012005F)

NGSSoftware Insight Security Research Advisory Name: IBM DB2 Windows Permission Problems Systems Affected: DB2 8.1 Severity: High risk from local Vendor URL: http://www.ibm.com/ Author: Chris Anley chris at ngssoftware.com Relates to: http://www.ngssoftware.com/advisories/db2-02.txt Date of Publi...

0.1AI score
Exploits0
NVD
NVD
added 2004/12/31 5:0 a.m.13 views

CVE-2004-2400

WinFTP Server 1.6 stores username and password credentials in plaintext in the data\user.wfd file, which allows local users to gain access to the credentials...

2.1CVSS6.7AI score0.00336EPSS
Exploits0References5
Cvelist
Cvelist
added 2004/12/10 5:0 a.m.36 views

CVE-2004-1171

KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are 1 manually entered by the user or 2 created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-readable permissions, which could allow local users to...

6.1AI score0.0045EPSS
Exploits0References16
CVE
CVE
added 2004/12/10 5:0 a.m.51 views

CVE-2004-1171

KDE 3.2.x and 3.3.0–3.3.2 store saved credentials (entered by user or via SMB handler) in plaintext in the user’s .desktop file, which may be world-readable and allow local users to obtain usernames/passwords for remote resources (e.g., SMB shares). Affected components include KDE core libraries ...

2.1CVSS6.2AI score0.0045EPSS
Exploits0References16Affected Software3
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.16 views

CVE-2002-1479

Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php, which has world-readable permissions, which allows local users to modify databases as the Cacti user and possibly gain privileges...

6.6AI score0.00467EPSS
Exploits1References4
CVE
CVE
added 2004/09/01 4:0 a.m.42 views

CVE-2002-1479

Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php with world-readable permissions. This allows local users to modify databases as the Cacti user and potentially gain privileges. Affected product: Cacti (versions prior to 0.6.8). Root cause: credentials stored in p...

4.6CVSS6.6AI score0.00467EPSS
Exploits1References4Affected Software1
exploitpack
exploitpack
added 2004/03/01 12:0 a.m.23 views

Trillian Pro 2.01 - Design Error

Trillian Pro 2.01 - Design Error Trillian Pro Design Error Vendor: Cerulean Studios Product: Trillian Pro Version: !-- var username; username='plaintextusernamehere'; var password; password='plaintextpasswordhere'; function submit document.getEl...

0.1AI score
Exploits0
NVD
NVD
added 2003/12/31 5:0 a.m.14 views

CVE-2003-1476

Cerberus FTP Server 2.1 stores usernames and passwords in plaintext, which could allow local users to gain access...

2.1CVSS6.6AI score0.00287EPSS
Exploits0References2
securityvulns
securityvulns
added 2003/10/10 12:0 a.m.397 views

Planet WGSD-1020

Добрый день! Не знаю, может кто уже присылал... В свитчах Planet WGSD-1020 есть закладка. Пользователь superuser с паролем planet. В пользовательском интерфейсе он нигде не упоминается, но его видно в файле конфигурации кстати, несмотря на то, что файл конфигурации бинарный, имена и пароли там...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2003/08/18 12:0 a.m.21 views

DWebPro 3.4.1 - Http.ini Plaintext Password Storage

DWebPro 3.4.1 - Http.ini Plaintext Password Storage source: https://www.securityfocus.com/bid/8438/info A vulnerability has been reported to exist in the DWebPro web server software. This problem allows an attacker to view database authentication credentials by accessing a plain text file named...

7.4AI score
Exploits0
NVD
NVD
added 2003/06/09 4:0 a.m.17 views

CVE-2003-0329

CesarFTP 0.99g stores user names and passwords in plaintext in the settings.ini file, which could allow local users to gain privileges...

4.6CVSS6.5AI score0.00307EPSS
Exploits0References2
Cvelist
Cvelist
added 2003/05/23 4:0 a.m.20 views

CVE-2003-0342

BlackMoon FTP Server 2.6 Free Edition, and possibly other distributions and versions, stores user names and passwords in plaintext in the blackmoon.mdb file, which can allow local users to gain privileges...

6.6AI score0.00312EPSS
Exploits0References1
Cvelist
Cvelist
added 2003/05/22 4:0 a.m.21 views

CVE-2003-0329

CesarFTP 0.99g stores user names and passwords in plaintext in the settings.ini file, which could allow local users to gain privileges...

6.5AI score0.00307EPSS
Exploits0References2
Rows per page
Query Builder