Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere via the lastlogintime sort order in the explore/users page. An attacker can obtain sensitive information about users' login times by querying the user exploratio...

CVE-2024-46918

app/Controller/UserLoginProfilesController.php in MISP before 2.4.198 does not prevent an org admin from viewing sensitive login fields of another org admin in the same org...

MISP 安全漏洞

MISP is an open source software solution from MISP Open Source. The product is used to collect, store, distribute, and share cybersecurity metrics and has features such as threat cybersecurity event analysis and malware analysis. A security vulnerability exists in MISP versions prior to 2.4.198...

CVE-2021-34744

Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account. For more information about these vulnerabilities, see the Details section of...

CVE-2021-34757

Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account. For more information about these vulnerabilities, see the Details section of...

Design/Logic Flaw

Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account. For more information about these vulnerabilities, see the Details section of...

CVE-2021-34757 Cisco Business 220 Series Smart Switches Static Key and Password Vulnerabilities

Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account. For more information about these vulnerabilities, see the Details section of...

Cisco Business 220 Series Smart Switches Static Key and Password Vulnerabilities

Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account. For more information about these vulnerabilities, see the Details "details"...

Information Disclosure

djangonopassword is vulnerable to information disclosure. The vulnerability exists because it stores the sensitive login codes in the database and compares the codes in plaintext formats at the time of login...

CVE-2015-7732

The Avira Mobile Security app before 1.5.11 for iOS sends sensitive login information in cleartext...

CVE-2015-7732

The Avira Mobile Security app before 1.5.11 for iOS sends sensitive login information in cleartext...

CVE-2015-8628

The 1 Special:MyPage, 2 Special:MyTalk, 3 Special:MyContributions, 4 Special:MyUploads, and 5 Special:AllMyUploads pages in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 allow remote attackers to obtain sensitive user login information via crafted...

Log1 CMS 2.0 - Multiple Vulnerabilities

No description provided by source. +---------------------------------------+ | Log1 CMS 2.0 Multiple Vulnerabilities | +---------------------------------------+ Vulnerable Web-App : Log1 CMS 2.0 Vulnerability : Multiple Vulnerabilities. Author : Aodrulez. Atul Alex Cherian Email :...

Faceless: Account hijacking possible through ADB backup feature

It was found that if an attacker had access to an unlocked phone, they could take any data from the application's sandbox through ADB's backup feature. Normally ADB backup allows applications to be backed up to the cloud. This means that if a user replaces or wipes their phone, they can restore a...

Log1 CMS 2.0 Multiple Vulnerabilities

Exploit for php platform in category web applications +---------------------------------------+ | Log1 CMS 2.0 Multiple Vulnerabilities | +---------------------------------------+ Vulnerable Web-App : Log1 CMS 2.0 Vulnerability : Multiple Vulnerabilities. Author : Aodrulez. Atul Alex Cherian Emai...

Log1 CMS File Modification / Download

+---------------------------------------+ | Log1 CMS 2.0 Multiple Vulnerabilities | +---------------------------------------+ Vulnerable Web-App : Log1 CMS 2.0 Vulnerability : Multiple Vulnerabilities. Author : Aodrulez. Atul Alex Cherian Email : [email protected] Google-Dork : "POWERED BY LOG...