39 matches found
EUVD-2014-9271
Malware in sbrugna...
EUVD-2014-9272
Malware in sbrugna...
CVE-2014-9579
VDG Security SENSE formerly DIVA 2.3.13 stores administrator credentials in cleartext, which allows attackers to obtain sensitive information by reading the plugin configuration files...
CVE-2014-9575
VDG Security SENSE formerly DIVA before 2.3.15 allows remote attackers to bypass authentication, and consequently read and modify arbitrary plugin settings, via an encoded : colon character in the Authorization HTTP header...
CVE-2014-9576
VDG Security SENSE formerly DIVA 2.3.13 has a hardcoded password of 1 ArpaRomaWi for the root Postgres account and !DVService for the 2 postgres and 3 NTP Windows user accounts, which allows remote attackers to obtain access...
CVE-2014-9577
VDG Security SENSE formerly DIVA 2.3.13 sends the user database when a user logs in, which allows remote authenticated users to obtain usernames and password hashes by logging in to TCP port 51410 and reading the response...
VDG Security SENSE Design Vulnerability
VDG Security SENSE is a video management system VMS from VDG Security in the Netherlands. VDG Security SENSE formerly DIVA version 2.3.13 performs authentication using a password hash instead of a password, allowing a remote attacker to gain login privileges by exploiting knowledge of the passwor...
VDG Security SENSE Information Disclosure Vulnerability (CNVD-2015-00381)
VDG Security SENSE is a video management system VMS from VDG Security in the Netherlands. VDG Security SENSE suffers from an information disclosure vulnerability that allows an attacker to obtain sensitive information by reading plugin configuration files...
VDG Security SENSE Information Disclosure Vulnerability (CNVD-2015-00378)
VDG Security SENSE is a video management system VMS from VDG Security in the Netherlands. An information disclosure vulnerability exists in VDG Security SENSE version 2.3.13, which allows remote attackers to exploit the vulnerability to gain access...
CVE-2014-9579
VDG Security SENSE formerly DIVA 2.3.13 stores administrator credentials in cleartext, which allows attackers to obtain sensitive information by reading the plugin configuration files...
CVE-2014-9578
VDG Security SENSE formerly DIVA 2.3.13 performs authentication with a password hash instead of a password, which allows remote attackers to gain login access by leveraging knowledge of a password hash...
CVE-2014-9577
VDG Security SENSE formerly DIVA 2.3.13 sends the user database when a user logs in, which allows remote authenticated users to obtain usernames and password hashes by logging in to TCP port 51410 and reading the response...
CVE-2014-9576
VDG Security SENSE formerly DIVA 2.3.13 has a hardcoded password of 1 ArpaRomaWi for the root Postgres account and !DVService for the 2 postgres and 3 NTP Windows user accounts, which allows remote attackers to obtain access...
Information disclosure
VDG Security SENSE formerly DIVA 2.3.13 stores administrator credentials in cleartext, which allows attackers to obtain sensitive information by reading the plugin configuration files...
CVE-2014-9575
VDG Security SENSE formerly DIVA before 2.3.15 allows remote attackers to bypass authentication, and consequently read and modify arbitrary plugin settings, via an encoded : colon character in the Authorization HTTP header...
Authentication flaw
VDG Security SENSE formerly DIVA 2.3.13 performs authentication with a password hash instead of a password, which allows remote attackers to gain login access by leveraging knowledge of a password hash...
Hardcoded credentials
VDG Security SENSE formerly DIVA 2.3.13 has a hardcoded password of 1 ArpaRomaWi for the root Postgres account and !DVService for the 2 postgres and 3 NTP Windows user accounts, which allows remote attackers to obtain access...
Authentication flaw
VDG Security SENSE formerly DIVA before 2.3.15 allows remote attackers to bypass authentication, and consequently read and modify arbitrary plugin settings, via an encoded : colon character in the Authorization HTTP header...
Default credentials
VDG Security SENSE formerly DIVA 2.3.13 sends the user database when a user logs in, which allows remote authenticated users to obtain usernames and password hashes by logging in to TCP port 51410 and reading the response...
CVE-2014-9578
VDG Security SENSE formerly DIVA 2.3.13 performs authentication with a password hash instead of a password, which allows remote attackers to gain login access by leveraging knowledge of a password hash...