3096 matches found
CVE-2021-39249
Invision Community aka IPS Community Suite or IP-Board before 4.6.5.1 allows reflected XSS because the filenames of uploaded files become predictable through a brute-force attack against the PHP mtrand function...
CVE-2021-38606
reNgine through 0.5 relies on a predictable directory name...
Directory traversal
reNgine through 0.5 relies on a predictable directory name...
reNgine 安全特征问题漏洞
reNgine is an automated reconnaissance framework for gathering information during penetration testing of web applications. A security vulnerability exists in reNgine version 0.5 and earlier versions that stems from reNgine's reliance on predictable directory names...
PT-2021-22240 · Rengine · Rengine
Name of the Vulnerable Software and Affected Versions: reNgine versions 0.5 and earlier Description: The issue is related to reNgine relying on a predictable directory name. Recommendations: For versions 0.5 and earlier, consider renaming or randomizing directory names to mitigate the risk of...
Insecure Random Number Generation
yiisoft/yii2 is using insecure random number generation. The vulnerability exists because it uses the function mtrand in CaptchaAction.php which is a predictable Random Number algorithm for random bytes and int generation...
CVE-2021-3692
yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator...
CVE-2021-3692
yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator...
Code injection
yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator...
CVE-2021-3692 Use of Predictable Algorithm in Random Number Generator in yiisoft/yii2
yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator...
CVE-2021-3692
CVE-2021-3692 affects yiisoft/yii2 (and related versions) with a vulnerability described as Use of Predictable Algorithm in Random Number Generator. Public sources consistently point to insecure RNG usage, notably the use of mt_rand() in code paths such as CaptchaAction.php, leading to predictabl...
CVE-2021-3689
yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator...
Code injection
yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator...
CVE-2021-3689 Use of Predictable Algorithm in Random Number Generator in yiisoft/yii2
yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator...
CVE-2021-3689
CVE-2021-3689 affects yiisoft/yii2 and is caused by use of a Predictable Algorithm in the Random Number Generator (RNG). The entry consolidates multiple sources indicating insecure RNG usage (notably mt_rand-based implementation in Yii2 components such as BaseMailer.php) that leads to potential i...
yii2 安全特征问题漏洞
yii2 is a fast, secure and professional PHP framework. A security vulnerability exists in yii2 that stems from yii2's susceptibility to predictable algorithms in random number generators...
CVE-2021-32596
A use of one-way hash with a predictable salt vulnerability in the password storing mechanism of FortiPortal 6.0.0 through 6.04 may allow an attacker already in possession of the password store to decrypt the passwords by means of precomputed tables...
CVE-2021-32596
A use of one-way hash with a predictable salt vulnerability in the password storing mechanism of FortiPortal 6.0.0 through 6.04 may allow an attacker already in possession of the password store to decrypt the passwords by means of precomputed tables...
CVE-2021-32596
A use of one-way hash with a predictable salt vulnerability in the password storing mechanism of FortiPortal 6.0.0 through 6.04 may allow an attacker already in possession of the password store to decrypt the passwords by means of precomputed tables...
CVE-2021-32596
CVE-2021-32596 affects FortiPortal 6.0.0 through 6.04, where a vulnerable password store uses a one-way hash with a predictable salt, enabling an attacker with access to the password store to decrypt passwords via precomputed tables. The connected sources (Fortinet advisory FG-IR-21-094 and relat...