CVE-2025-26199

CloudClassroom-PHP-Project v1.0 is affected by an insecure credential transmission vulnerability. The application transmits passwords over unencrypted HTTP during the login process, exposing sensitive credentials to potential interception by network-based attackers. A remote attacker with access ...

CVE-2023-52950

Missing encryption of sensitive data vulnerability in login component in Synology Active Backup for Business Agent before 2.7.0-3221 allows adjacent man-in-the-middle attackers to obtain user credential via unspecified vectors...

Synology Active Backup for Business Agent 安全漏洞

Synology Active Backup for Business Agent is a backup program from China-based Synology Inc. A security vulnerability exists in Synology Active Backup for Business Agent prior to version 2.7.0-3221, which stems from a lack of sensitive data encryption vulnerability in the login component, allowin...

CVE-2024-42657

An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain sensitive information via the lack of encryption during login process...

Longse NVR Security Vulnerability

Longse NVR is a series of network video recorders from China-based Longse Technology Longse. A security vulnerability exists in the Longse NVR that stems from transmitting a user's login and password to a remote control service without the use of any encryption, allowing an attacker to eavesdrop ...

Security Bulletin: Multiple vulnerabilities in IBM InfoSphere Optim Data Growth for Oracle E-Business Suite (CVE-2013-2953, CVE-2013-2954, CVE-2013-2955, CVE-2013-2956, CVE-2013-2957, CVE-2013-2959)

Abstract Multiple vulnerabilities have been identified in the Optim E-Business Console making the product vulnerable to phishing attacks, the interception of credentials and the bypass of login entirely. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-2953 DESCRIPTION: Use of MD5 as SSL Certifica...

CleverDog Smart Camera DOG-2W / DOG-2W-V4 - Multiple Vulnerabilities

Exploit for hardware platform in category web applications 1. Advisory Information ======================================== Title: Clever Dog Smart Camera Vendor Homepage: http://www.cleverdog.com.cn/ Tested on Camera types : DOG-2W, DOG-2W-V4 Vulnerability: Hardware- Multiple Vulnerabilities Dat...

CVE-2017-1378

IBM Spectrum Protect 7.1 and 8.1 formerly Tivoli Storage Manager disclosed unencrypted login credentials to Vmware vCenter in the application trace output which could be obtained by a local user. IBM X-Force ID: 126875...

Design/Logic Flaw

IBM Spectrum Protect 7.1 and 8.1 formerly Tivoli Storage Manager disclosed unencrypted login credentials to Vmware vCenter in the application trace output which could be obtained by a local user. IBM X-Force ID: 126875...

CVE-2016-6110

IBM Tivoli Storage Manager discloses unencrypted login credentials to Vmware vCenter that could be obtained by a local user...

CVE-2016-6110

IBM Tivoli Storage Manager discloses unencrypted login credentials to Vmware vCenter that could be obtained by a local user...

Layton Helpbox 4.4.0 Multiple Security Issues

Layton Helpbox 4.4.0 Multiple Security Issues: Layton Helpbox 4.4.0 Multiple SQL Injection Points CVE-2012-4971 http://www.reactionpenetrationtesting.co.uk/helpbox-sql-injection.html Layton Helpbox 4.4.0 Authorisation Bypass Vulnerability CVE-2012-4975...

Teiid: JDBC socket does not encrypt client login messages by default

The Teiid Java Database Connectivity JDBC socket, as used in JBoss Enterprise Data Services Platform before 5.3.0, does not encrypt login messages by default contrary to documentation and specification, which allows remote attackers to obtain login credentials via a man-in-the-middle MITM attack...

LinkMax.txt

---------------------------------------------------------- Release date: May 21th 2001 Subject: WebAvail LinkMax2 ASP security problem Systems affected: All systems running LinkMax2 ASP script Vendor: http://www.webavail.com ---------------------------------------------------------- 1. problem...