Lucene search
K

992 matches found

CVE
CVE
added 2004/12/10 5:0 a.m.50 views

CVE-2004-1171

KDE 3.2.x and 3.3.0–3.3.2 store saved credentials (entered by user or via SMB handler) in plaintext in the user’s .desktop file, which may be world-readable and allow local users to obtain usernames/passwords for remote resources (e.g., SMB shares). Affected components include KDE core libraries ...

2.1CVSS6.2AI score0.0045EPSS
Exploits0References16Affected Software3
Cvelist
Cvelist
added 2004/12/10 5:0 a.m.34 views

CVE-2004-1171

KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are 1 manually entered by the user or 2 created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-readable permissions, which could allow local users to...

6.1AI score0.0045EPSS
Exploits0References16
CVE
CVE
added 2004/09/01 4:0 a.m.42 views

CVE-2002-1479

Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php with world-readable permissions. This allows local users to modify databases as the Cacti user and potentially gain privileges. Affected product: Cacti (versions prior to 0.6.8). Root cause: credentials stored in p...

4.6CVSS6.6AI score0.00467EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.16 views

CVE-2002-1479

Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php, which has world-readable permissions, which allows local users to modify databases as the Cacti user and possibly gain privileges...

6.6AI score0.00467EPSS
Exploits1References4
exploitpack
exploitpack
added 2004/03/01 12:0 a.m.21 views

Trillian Pro 2.01 - Design Error

Trillian Pro 2.01 - Design Error Trillian Pro Design Error Vendor: Cerulean Studios Product: Trillian Pro Version: !-- var username; username='plaintextusernamehere'; var password; password='plaintextpasswordhere'; function submit document.getEl...

0.1AI score
Exploits0
NVD
NVD
added 2003/12/31 5:0 a.m.12 views

CVE-2003-1476

Cerberus FTP Server 2.1 stores usernames and passwords in plaintext, which could allow local users to gain access...

2.1CVSS6.6AI score0.00287EPSS
Exploits0References2
securityvulns
securityvulns
added 2003/10/10 12:0 a.m.395 views

Planet WGSD-1020

Добрый день! Не знаю, может кто уже присылал... В свитчах Planet WGSD-1020 есть закладка. Пользователь superuser с паролем planet. В пользовательском интерфейсе он нигде не упоминается, но его видно в файле конфигурации кстати, несмотря на то, что файл конфигурации бинарный, имена и пароли там...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2003/08/18 12:0 a.m.21 views

DWebPro 3.4.1 - Http.ini Plaintext Password Storage

DWebPro 3.4.1 - Http.ini Plaintext Password Storage source: https://www.securityfocus.com/bid/8438/info A vulnerability has been reported to exist in the DWebPro web server software. This problem allows an attacker to view database authentication credentials by accessing a plain text file named...

7.4AI score
Exploits0
NVD
NVD
added 2003/06/09 4:0 a.m.17 views

CVE-2003-0329

CesarFTP 0.99g stores user names and passwords in plaintext in the settings.ini file, which could allow local users to gain privileges...

4.6CVSS6.5AI score0.00307EPSS
Exploits0References2
Cvelist
Cvelist
added 2003/05/23 4:0 a.m.19 views

CVE-2003-0342

BlackMoon FTP Server 2.6 Free Edition, and possibly other distributions and versions, stores user names and passwords in plaintext in the blackmoon.mdb file, which can allow local users to gain privileges...

6.6AI score0.00312EPSS
Exploits0References1
Cvelist
Cvelist
added 2003/05/22 4:0 a.m.21 views

CVE-2003-0329

CesarFTP 0.99g stores user names and passwords in plaintext in the settings.ini file, which could allow local users to gain privileges...

6.5AI score0.00307EPSS
Exploits0References2
NVD
NVD
added 2003/04/22 4:0 a.m.13 views

CVE-2002-1479

Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php, which has world-readable permissions, which allows local users to modify databases as the Cacti user and possibly gain privileges...

4.6CVSS6.6AI score0.00467EPSS
Exploits1References4
OSV
OSV
added 2003/04/22 4:0 a.m.6 views

CVE-2002-1479

Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php, which has world-readable permissions, which allows local users to modify databases as the Cacti user and possibly gain privileges...

6.9AI score
Exploits0References8
Positive Technologies
Positive Technologies
added 2003/04/22 12:0 a.m.5 views

PT-2003-1215 · Cacti · Cacti

Name of the Vulnerable Software and Affected Versions: Cacti versions prior to 0.6.8 Description: The issue allows local users to access a MySQL username and password stored in plaintext in the config.php file, which has world-readable permissions. This could enable users to modify databases as t...

4.6CVSS6.2AI score0.00467EPSS
Exploits1References8
exploitpack
exploitpack
added 2003/04/15 12:0 a.m.23 views

EZ Publish 2.2.73.0 - site.ini Information Disclosure

EZ Publish 2.2.73.0 - site.ini Information Disclosure source: https://www.securityfocus.com/bid/7347/info eZ Publish has been reported prone to sensitive information disclosure vulnerability. An attacker may make a request for and download the underlying site.ini configuration file. The file...

7.2AI score
Exploits0
exploitpack
exploitpack
added 2003/04/14 12:0 a.m.12 views

Web Wiz Site News 3.6 - Information Disclosure

Web Wiz Site News 3.6 - Information Disclosure source: https://www.securityfocus.com/bid/7341/info Web Wiz Site News has been reported prone to sensitive information disclosure vulnerability. An attacker may make a request for and download the underlying Access database file that is used by the...

7.2AI score
Exploits0
Exploit DB
Exploit DB
added 2003/04/14 12:0 a.m.25 views

Web Wiz Site News 3.6 - Information Disclosure

source: https://www.securityfocus.com/bid/7341/info Web Wiz Site News has been reported prone to sensitive information disclosure vulnerability. An attacker may make a request for and download the underlying Access database file that is used by the Site News appplication. Site News administration...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/04/11 12:0 a.m.25 views

Ocean12 ASP Guestbook Manager 1.0 - Information Disclosure

source: https://www.securityfocus.com/bid/7328/info Ocean12 Guestbook Manager has been reported prone to sensitive information disclosure vulnerability. An attacker may make a request for and download the underlying Access database file that is used by the Guestbook Manager. Guestbook...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2003/04/11 12:0 a.m.11 views

Ocean12 ASP Guestbook Manager 1.0 - Information Disclosure

Ocean12 ASP Guestbook Manager 1.0 - Information Disclosure source: https://www.securityfocus.com/bid/7328/info Ocean12 Guestbook Manager has been reported prone to sensitive information disclosure vulnerability. An attacker may make a request for and download the underlying Access database file...

7.2AI score
Exploits0
exploitpack
exploitpack
added 2002/11/07 12:0 a.m.14 views

CuteCast 1.2 - User Credential Disclosure

CuteCast 1.2 - User Credential Disclosure source: https://www.securityfocus.com/bid/6127/info It has been reported that the default configuration of CuteCast is insecure. According to the report, CuteCast stores user information in a publicly accessible directory. This includes plaintext...

7.4AI score
Exploits0
Rows per page
Query Builder