347 matches found
Design/Logic Flaw
d41d8cd98f00b204e9800998ecf8427e.php in the management web server on the Seagate BlackArmor device allows remote attackers to change the administrator password via unspecified vectors...
CVE-2012-2568
d41d8cd98f00b204e9800998ecf8427e.php in the management web server on the Seagate BlackArmor device allows remote attackers to change the administrator password via unspecified vectors...
CVE-2012-2568
The CVE-2012-2568 entry concerns the Seagate BlackArmor NAS management interface. The vulnerability stems from a static password reset PHP page (d41d8cd98f00b204e9800998ecf8427e.php) on the device’s management web server, which allows remote, unauthenticated attackers to reset the administrator p...
Seagate BlackArmor device static administrator password reset vulnerability
Overview The Seagate BlackArmor network attached storage device contains a static administrator password reset vulnerability. Description The Seagate BlackArmor network attached storage device contain a static php file used to reset the administrator password. A remote unauthenticated attacker wi...
Cache Plugin -Cross-site script error
Our e-security department found the error below after scanning the Cache Plugin: Number System/Location Defect Type Status R3 Cache Plugin Client-side Attacks: Cross-site Scripting Open Description Security Risk: It is possible to steal or manipulate customer session and cookies, which may be use...
Reporting Plugin- Cross-site scripting error
Our e-security found the following error for the Reporting plugin: Number System/Location Defect Type Status R2 Reporting Plugin Client-side Attacks: Cross-site Scripting Open Description Security Risk: It is possible to steal or manipulate customer session and cookies, which may be used to...
Seagate Crystal Reports exposes cleartext username/password pairs when embedded in URL or HTTP request
Overview The Seagate Crystal Reports product exposes passwords to back-end databases in certain configurations. In particular, the username and password are transmitted in plaintext from the client browser to the server as part of the URL when using technologies other than Active Server Pages ASP...