14 matches found
EUVD-2018-7667
Malware in sbrugna...
CVE-2018-15807
POSIM EVO 15.13 for Windows includes an "Emergency Override" administrative account that may be accessed through POSIM's "override" feature. This Override prompt expects a code that is computed locally using a deterministic algorithm. This code may be generated by an attacker and used to bypass a...
CVE-2018-15808
POSIM EVO 15.13 for Windows includes hardcoded database credentials for the "root" database user. "root" access to POSIM EVO's database may result in a breach of confidentiality, integrity, or availability or allow for attackers to remotely execute code on associated POSIM EVO clients...
POSIM EVO for Windows Arbitrary Code Execution Vulnerability
POSIM EVO for Windows is a point-of-sale POS and inventory management system. The system includes features such as customer information management, email marketing and inventory management. An arbitrary code execution vulnerability exists in version 15.13 of POSIM EVO for Windows-based platforms,...
CVE-2018-15808
POSIM EVO 15.13 for Windows includes hardcoded database credentials for the "root" database user. "root" access to POSIM EVO's database may result in a breach of confidentiality, integrity, or availability or allow for attackers to remotely execute code on associated POSIM EVO clients...
CVE-2018-15808
POSIM EVO 15.13 for Windows includes hardcoded database credentials for the "root" database user. "root" access to POSIM EVO's database may result in a breach of confidentiality, integrity, or availability or allow for attackers to remotely execute code on associated POSIM EVO clients...
CVE-2018-15807
POSIM EVO 15.13 for Windows includes an "Emergency Override" administrative account that may be accessed through POSIM's "override" feature. This Override prompt expects a code that is computed locally using a deterministic algorithm. This code may be generated by an attacker and used to bypass a...
Design/Logic Flaw
POSIM EVO 15.13 for Windows includes an "Emergency Override" administrative account that may be accessed through POSIM's "override" feature. This Override prompt expects a code that is computed locally using a deterministic algorithm. This code may be generated by an attacker and used to bypass a...
Hardcoded credentials
POSIM EVO 15.13 for Windows includes hardcoded database credentials for the "root" database user. "root" access to POSIM EVO's database may result in a breach of confidentiality, integrity, or availability or allow for attackers to remotely execute code on associated POSIM EVO clients...
CVE-2018-15807
POSIM EVO 15.13 for Windows includes an "Emergency Override" administrative account that may be accessed through POSIM's "override" feature. This Override prompt expects a code that is computed locally using a deterministic algorithm. This code may be generated by an attacker and used to bypass a...
CVE-2018-15808
POSIM EVO 15.13 for Windows includes hardcoded database credentials for the "root" database user. "root" access to POSIM EVO's database may result in a breach of confidentiality, integrity, or availability or allow for attackers to remotely execute code on associated POSIM EVO clients...
CVE-2018-15807
POSIM EVO 15.13 for Windows contains an "Emergency Override" administrative account accessible via POSIM’s override feature. The Override prompt expects a code computed locally by a deterministic algorithm. An attacker could generate this code to bypass any POSIM EVO login prompt, enabling bypass...
CVE-2018-15808
POSIM EVO 15.13 for Windows stores hardcoded credentials for the root database user. This could give an attacker with network access to the POSIM EVO database the ability to access/modify data and potentially remotely execute code on POSIM EVO clients. Multiple sources document hardcoded credenti...
CVE-2018-15807
POSIM EVO 15.13 for Windows includes an "Emergency Override" administrative account that may be accessed through POSIM's "override" feature. This Override prompt expects a code that is computed locally using a deterministic algorithm. This code may be generated by an attacker and used to bypass a...