Lucene search
K

1002 matches found

Cvelist
Cvelist
added 2003/05/22 4:0 a.m.22 views

CVE-2003-0329

CesarFTP 0.99g stores user names and passwords in plaintext in the settings.ini file, which could allow local users to gain privileges...

6.5AI score0.00307EPSS
Exploits0References2
OSV
OSV
added 2003/04/22 4:0 a.m.7 views

CVE-2002-1479

Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php, which has world-readable permissions, which allows local users to modify databases as the Cacti user and possibly gain privileges...

6.9AI score
Exploits0References8
NVD
NVD
added 2003/04/22 4:0 a.m.14 views

CVE-2002-1479

Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php, which has world-readable permissions, which allows local users to modify databases as the Cacti user and possibly gain privileges...

4.6CVSS6.6AI score0.00467EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2003/04/22 12:0 a.m.5 views

PT-2003-1215 · Cacti · Cacti

Name of the Vulnerable Software and Affected Versions: Cacti versions prior to 0.6.8 Description: The issue allows local users to access a MySQL username and password stored in plaintext in the config.php file, which has world-readable permissions. This could enable users to modify databases as t...

4.6CVSS6.2AI score0.00467EPSS
Exploits1References8
exploitpack
exploitpack
added 2003/04/15 12:0 a.m.24 views

EZ Publish 2.2.73.0 - site.ini Information Disclosure

EZ Publish 2.2.73.0 - site.ini Information Disclosure source: https://www.securityfocus.com/bid/7347/info eZ Publish has been reported prone to sensitive information disclosure vulnerability. An attacker may make a request for and download the underlying site.ini configuration file. The file...

7.2AI score
Exploits0
exploitpack
exploitpack
added 2003/04/14 12:0 a.m.14 views

Web Wiz Site News 3.6 - Information Disclosure

Web Wiz Site News 3.6 - Information Disclosure source: https://www.securityfocus.com/bid/7341/info Web Wiz Site News has been reported prone to sensitive information disclosure vulnerability. An attacker may make a request for and download the underlying Access database file that is used by the...

7.2AI score
Exploits0
Exploit DB
Exploit DB
added 2003/04/14 12:0 a.m.29 views

Web Wiz Site News 3.6 - Information Disclosure

source: https://www.securityfocus.com/bid/7341/info Web Wiz Site News has been reported prone to sensitive information disclosure vulnerability. An attacker may make a request for and download the underlying Access database file that is used by the Site News appplication. Site News administration...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2003/04/11 12:0 a.m.13 views

Ocean12 ASP Guestbook Manager 1.0 - Information Disclosure

Ocean12 ASP Guestbook Manager 1.0 - Information Disclosure source: https://www.securityfocus.com/bid/7328/info Ocean12 Guestbook Manager has been reported prone to sensitive information disclosure vulnerability. An attacker may make a request for and download the underlying Access database file...

7.2AI score
Exploits0
Exploit DB
Exploit DB
added 2003/04/11 12:0 a.m.25 views

Ocean12 ASP Guestbook Manager 1.0 - Information Disclosure

source: https://www.securityfocus.com/bid/7328/info Ocean12 Guestbook Manager has been reported prone to sensitive information disclosure vulnerability. An attacker may make a request for and download the underlying Access database file that is used by the Guestbook Manager. Guestbook...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/11/07 12:0 a.m.16 views

CuteCast 1.2 - User Credential Disclosure

CuteCast 1.2 - User Credential Disclosure source: https://www.securityfocus.com/bid/6127/info It has been reported that the default configuration of CuteCast is insecure. According to the report, CuteCast stores user information in a publicly accessible directory. This includes plaintext...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/11/07 12:0 a.m.35 views

CuteCast 1.2 - User Credential Disclosure

source: https://www.securityfocus.com/bid/6127/info It has been reported that the default configuration of CuteCast is insecure. According to the report, CuteCast stores user information in a publicly accessible directory. This includes plaintext credentials...

7AI score
Exploits0
Cvelist
Cvelist
added 2002/08/31 4:0 a.m.19 views

CVE-2002-0933

Datalex PLC BookIt! Consumer before 2.2 stores usernames and passwords in plaintext in a cookie, which could allow remote attackers to gain privileges via Cross-site scripting or sniffing attacks...

6.7AI score0.01571EPSS
Exploits0References3
NVD
NVD
added 2002/06/25 4:0 a.m.19 views

CVE-2002-0345

Symantec Ghost 7.0 stores usernames and passwords in plaintext in the NGServer\params registry key, which could allow an attacker to gain privileges...

7.5CVSS6.8AI score0.01637EPSS
Exploits1References4
Cvelist
Cvelist
added 2002/06/25 4:0 a.m.22 views

CVE-2000-0087

Netscape Mail Notification nsnotify utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext...

6.6AI score0.01344EPSS
Exploits0References2
Cvelist
Cvelist
added 2002/05/03 4:0 a.m.23 views

CVE-2001-1336

CesarFTP 0.98b and earlier stores usernames and passwords in plaintext in the settings.ini file, which allows attackers to gain privileges...

6.8AI score0.01316EPSS
Exploits0References3
NVD
NVD
added 2001/10/18 4:0 a.m.12 views

CVE-2001-0768

GuildFTPd 0.9.7 stores user names and passwords in plaintext in the default.usr file, which allows local users to gain privileges as other FTP users by reading the file...

4.6CVSS6.5AI score0.00326EPSS
Exploits0References3
Cvelist
Cvelist
added 2001/10/12 4:0 a.m.27 views

CVE-2001-0768

GuildFTPd 0.9.7 stores user names and passwords in plaintext in the default.usr file, which allows local users to gain privileges as other FTP users by reading the file...

6.5AI score0.00326EPSS
Exploits0References3
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.20 views

CVE-1999-1344

AutoFTP.pl script in AutoFTP 0.2 stores usernames and passwords in plaintext in the autoftp.conf configuration file...

6.5AI score0.01154EPSS
Exploits0References1
NVD
NVD
added 2001/08/31 4:0 a.m.21 views

CVE-2000-1199

PostgreSQL stores usernames and passwords in plaintext in 1 pgshadow and 2 pgpwd, which allows attackers with sufficient privileges to gain access to databases...

4.6CVSS6.7AI score0.00912EPSS
Exploits1References3
NVD
NVD
added 2001/05/28 4:0 a.m.23 views

CVE-2001-1336

CesarFTP 0.98b and earlier stores usernames and passwords in plaintext in the settings.ini file, which allows attackers to gain privileges...

7.5CVSS6.8AI score0.01316EPSS
Exploits0References3
Rows per page
Query Builder