11 matches found
EUVD-2017-11565
Malware in sbrugna...
EUVD-2021-22822
Malware in sbrugna...
📄 GeoVision GV-ASManager 6.1.0.0 Information Disclosure
GeoVision GV-ASManager versions 6.1.0.0 and below suffer from an information disclosure vulnerability. Exploit Title: Information Disclosure in GeoVision GV-ASManager Google Dork: inurl:"ASWeb/Login" Date: 02-FEB-2025 Exploit Author: Giorgi Dograshvili DRAGOWN Vendor Homepage:...
CVE-2023-37831
An issue discovered in Elenos ETG150 FM transmitter v3.12 allows attackers to enumerate user accounts based on server responses when credentials are submitted...
Authentication flaw
InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 authentication process response indicates and validates the existence of a username. This may allow an attacker to enumerate different user accounts...
Code injection
Ellucian formerly SunGard Banner Student 8.5.1.2 through 8.7 allow remote attackers to enumerate user accounts via a series of requests...
CVE-2015-4688
Ellucian formerly SunGard Banner Student 8.5.1.2 through 8.7 allow remote attackers to enumerate user accounts via a series of requests...
CVE-2014-8035
The web framework in Cisco WebEx Meetings Server produces different returned messages for URL requests depending on whether a username exists, which allows remote attackers to enumerate user accounts via a series of requests, aka Bug ID CSCuj40247...
CVE-2014-3304
The OutlookAction Class in Cisco WebEx Meetings Server allows remote attackers to enumerate user accounts by entering crafted URLs and examining the returned messages, aka Bug ID CSCuj81722...
Default credentials
IBM InfoSphere Information Server through 8.5 FP3, 8.7 through FP2, and 9.1 produces login-failure messages indicating whether the username or password is incorrect, which allows remote attackers to enumerate user accounts via a brute-force attack...
CVE-2011-4678
The password reset feature in One Click Orgs before 1.2.3 generates different error messages for failed reset attempts depending on whether the e-mail address is registered, which allows remote attackers to enumerate user accounts via a series of requests...