16 matches found
CVE-2025-13649 REFLECTED CROSS-SITE SCRIPTING (XSS) ON MICROCOM'S ZEUSWEB
An attacker with access to the web application ZeusWeb of the provider Microcom in this case, registration is not necessary, but the action must be performed who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Email’ parameters within the...
CVE-2024-6914
An incorrect authorization vulnerability exists in multiple WSO2 products due to a business logic flaw in the account recovery-related SOAP admin service. A malicious actor can exploit this vulnerability to reset the password of any user account, leading to a complete account takeover, including...
CVE-2025-30150
CVE-2025-30150 affects Shopware 6 platforms. The vulnerability allows an attacker using the store-api to determine whether an email address is registered by querying /store-api/account/recovery-password ; responses differentiate between found vs not found accounts, enabling information exposure. ...
CVE-2023-35717 TP-Link Tapo C210 Password Recovery Authentication Bypass Vulnerability
TP-Link Tapo C210 Password Recovery Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of TP-Link Tapo C210 IP cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists...
D-Link DAP-2622 安全漏洞
The D-Link DAP-2622 is a wireless access point Access Point device from China-based AUO D-Link. A security vulnerability exists in the D-Link DAP-2622 that stems from a stack-based buffer overflow remote code execution vulnerability in the DDP Configuration Recovery Authentication password...
ManageEngine ADManager Plus Recovery Password Disclosure
Exploit Title: ManageEngine ADManager Plus Build 7183 - Recovery Password Disclosure Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/ad-manager/ Details:...
OpenClinic GA suffers from an unspecified vulnerability (CNVD-2021-17436)
OpenClinic GA is an open source hospital information management system. The system supports financial management, clinical management and laboratory management and other functions. A security vulnerability exists in OpenClinic GA version 5.09.02 and 5.89.05b, which can be exploited by an attacker...
CVE-2020-12801 Crash-recovered MSOffice encrypted documents defaulted to not to using encryption on next save
If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice offers to restore the document and prompts for the password to decrypt it. If the recovery is successful, and if the file format of the recovered document was not LibreOffice'...
CVE-2018-11717
An issue was discovered in Zoho ManageEngine Desktop Central before 100251. By leveraging access to a log file, a context-dependent attacker can obtain depending on the modules configured the Base64 encoded Password/Username of AD accounts, the cleartext Password/Username and mail settings of the...
Default credentials
An issue was discovered in Zoho ManageEngine Desktop Central before 100251. By leveraging access to a log file, a context-dependent attacker can obtain depending on the modules configured the Base64 encoded Password/Username of AD accounts, the cleartext Password/Username and mail settings of the...
Microsoft Windows: BitLocker-protected removable drives recovery (password)
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winrmbitlockerrecoverypassword.nasl 11363 2018-09-12 13:46:05Z emoss $ Check value for Choose how BitLocker-protected removable drives can be recovered: Recovery password Authors: Emanuel Moss Copyright: Copyright c 2018...
Microsoft Windows: BitLocker-protected operating system drives recovery (password)
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winosbitlockerpassword.nasl 11363 2018-09-12 13:46:05Z emoss $ Check value for Choose how BitLocker-protected operating system drives can be recovered: Recovery password Authors: Emanuel Moss Copyright: Copyright c 2018...
Microsoft Windows: Recovering of BitLocker-protected fixed drives (Recovery Password)
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winbitlockerrecoverypassword.nasl 11363 2018-09-12 13:46:05Z emoss $ Check value for Choose how BitLocker-protected fixed drives can be recovered: Recovery Password Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone...
Mysteriously replaced Windows XP user password-vulnerability warning-the black bar safety net
Windows XP startup scriptstartup scriptsis a computer in the login screen to appear before running the batch file, which functions similar to the Windows 9X and DOS automatically executed batch file, the autoexec. bat. Using this feature, you can write a batch file to re-set the user password, an...
Mysteriously replaced Windows XP user password-vulnerability warning-the black bar safety net
Windows XP startup scriptstartup scriptsis a computer in the login screen to appear before running the batch file, which functions similar to the Windows 9×and DOS automatically executed batch file, the autoexec. bat. Using this feature, you can write a batch file to re-set the user password, and...
Mysteriously replaced XP user password-vulnerability warning-the black bar safety net
Windows XP startup scriptstartup scriptsis a computer in the login screen to appear before running the batch file, which functions similar to the Windows 9×and DOS automatically executed batch file, the autoexec . bat. Using this feature, you can write a batch file to re-set the user password, an...