9 matches found
EUVD-2020-21870
Malware in sbrugna...
[The ManageOwnage Series, part II]: User credential disclosure in ManageEngine DeviceExpert
Hi, You can read the usernames and MD5 hashed passwords of all the users in the Device Expert application by sending an unauthenticated request. I am releasing this as a 0 day as ManageEngine have responded that they do not consider this a priority and won't fix it in the near future unless a...
ManageEngine DeviceExpert 5.9 - User Credential Disclosure
No description provided by source. User credential disclosure in ManageEngine DeviceExpert 5.9 Discovered by Pedro Ribeiro [email protected], Agile Information Security ========================================================================== Background on the affected product: "DeviceExpert is a...
ManageEngine DeviceExpert 5.9 - User Credential Disclosure
ManageEngine DeviceExpert 5.9 - User Credential Disclosure User credential disclosure in ManageEngine DeviceExpert 5.9 Discovered by Pedro Ribeiro [email protected], Agile Information Security ========================================================================== Background on the affected...
ManageEngine DeviceExpert 5.9 - User Credential Disclosure
Exploit for php platform in category web applications User credential disclosure in ManageEngine DeviceExpert 5.9 Discovered by Pedro Ribeiro email protected, Agile Information Security ========================================================================== Background on the affected product:...
SurfControl SuperScout Email Filter 3.5 User Credential Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5929/info SurfControl SuperScout Email Filter comes with a web-based interface to provide remote access to administrative facilities. One of the files userlist.asp that comes with the web interface contains a listing of...
[SA13304] WinFTP Server Clear Text User Credential Disclosure
TITLE: WinFTP Server Clear Text User Credential Disclosure SECUNIA ADVISORY ID: SA13304 VERIFY ADVISORY: http://secunia.com/advisories/13304/ CRITICAL: Less critical IMPACT: Exposure of sensitive information WHERE: Local system SOFTWARE: WinFTP Server 1.x http://secunia.com/product/4318/...
CuteCast 1.2 - User Credential Disclosure
CuteCast 1.2 - User Credential Disclosure source: https://www.securityfocus.com/bid/6127/info It has been reported that the default configuration of CuteCast is insecure. According to the report, CuteCast stores user information in a publicly accessible directory. This includes plaintext...
SurfControl SuperScout Email Filter 3.5 - User Credential Disclosure
SurfControl SuperScout Email Filter 3.5 - User Credential Disclosure source: https://www.securityfocus.com/bid/5929/info SurfControl SuperScout Email Filter comes with a web-based interface to provide remote access to administrative facilities. One of the files userlist.asp that comes with the we...