Lucene search
K

6 matches found

Positive Technologies
Positive Technologies
added 2023/11/27 12:0 a.m.4 views

PT-2023-32394 · Unknown · Ffs Colibri

Name of the Vulnerable Software and Affected Versions: FFS Colibri affected versions not specified Description: The issue allows a remote user to access files on the system, including files that contain login credentials for other users. Recommendations: At the moment, there is no information abo...

6.5CVSS7AI score0.01103EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2022/02/12 12:0 a.m.28 views

Cross-Site Request Forgery in Magnolia CMS

An issue in the Login page of Magnolia CMS v6.2.3 and below allows attackers to exploit both an Open Redirect vulnerability and Cross-Site Request Forgery CSRF in order to brute force and exfiltrate users' credentials...

8.8CVSS4.8AI score0.00758EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2021/07/07 2:12 p.m.22 views

CVE-2021-32522 QSAN Storage Manager, XEVO, SANOS - Improper Restriction of Excessive Authentication Attempts

Improper restriction of excessive authentication attempts vulnerability in QSAN Storage Manager, XEVO, SANOS allows remote attackers to discover users’ credentials and obtain access via a brute force attack. Suggest contacting with QSAN and refer to recommendations in QSAN Document...

9.8CVSS9.7AI score0.01388EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/11/15 3:0 p.m.19 views

CVE-2018-16162

OpenDolphin 2.7.0 and earlier allows authenticated attackers to obtain other users credentials such as a user ID and/or its password via unspecified vectors...

8.6AI score0.01001EPSS
Exploits0References2
securityvulns
securityvulns
added 2005/09/29 12:0 a.m.142 views

PHP-Fusion v6.00.109 SQL Injection / admin|users credentials disclosure

PHP-Fusion v6.00.109 SQL Injection / admin|users credentials disclosure site: http://www.php-fusion.co.uk - if magicquotes off - SQL Injection, poc: http://target/pathtoPhpFusion/messages.php?msgsend=' UNION SELECT userpassword FROM fusionusers WHERE username='adminusername'/ now hash is showed i...

8.3AI score
Exploits0
securityvulns
securityvulns
added 2005/09/14 12:0 a.m.33 views

ATutor 1.5.1 SQL Injection / Admin credentials disclosure / remote code execution

ATUTOR 1.5.1 possibly prior versions SQL INJECTION / ADMIN & USERS CREDENTIALS DISCLOSURE / INFORMATION DISCLOSURE / USER IMPERSONATION / REMOTE CODE EXECUTION software: site: http://www.atutor.ca/ description: "ATutor is an Open Source Web-based Learning Content Management System LCMS designed...

Exploits0
Rows per page
Query Builder