12 matches found
CVE-2020-12714
An issue was discovered in CipherMail Community Gateway Virtual Appliances and Professional/Enterprise Gateway Virtual Appliances versions 1.0.1 through 4.7.1-0 and CipherMail Webmail Messenger Virtual Appliances 1.1.1 through 3.1.1-0. A Diffie-Hellman parameter of insufficient size could allow...
Medium: python-crypto
Issue Overview: lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data i.e., it does not have semantic security in face of a ciphertext-only attack. The Decisional...
Medium: python-crypto
Issue Overview: lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data i.e., it does not have semantic security in face of a ciphertext-only attack. The Decisional...
SUSE CVE-2018-6594
lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data i.e., it does not have semantic security in face of a ciphertext-only attack. The Decisional Diffie-Hellman DDH...
Weak Encryption Parameters
The Diffie-Hellman DH key exchange algorithm implementation in the Security component in OpenJDK failed to validate public DH parameters properly. This could cause OpenJDK to accept and use weak parameters, allowing an attacker to recover the negotiated key...
GHSA-6528-WVF6-F6QG Pycrypto generates weak key parameters
lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data i.e., it does not have semantic security in face of a ciphertext-only attack. The Decisional Diffie-Hellman DDH...
Medium: python-crypto
Issue Overview: Weak ElGamal key parameters in PublicKey/ElGamal.py allow attackers to obtain sensitive information by reading ciphertext: lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by...
PyCrypto Information Disclosure Vulnerability
PyCrypto is an encryption toolkit written in Python that includes MD5, AES, DES3 and other encryption algorithms. A security vulnerability exists in the lib/Crypto/PublicKey/ElGamal.py file in PyCrypto 2.6.1 and earlier versions, which stems from the program generating weak ElGamal key parameters...
SimplePHPQuiz - Blind SQL Injection
Exploit Title: SimplePHPQuiz - Blind SQL Injection Date: 2016-08-23 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage: https://github.com/valokafor/SimplePHPQuiz Software Link: https://github.com/valokafor/SimplePHPQuiz/archive/master.zip Version: Latest commit Tested on:...
SimplePHPQuiz - Blind SQL Injection
Exploit for php platform in category web applications Exploit Title: SimplePHPQuiz - Blind SQL Injection Date: 2016-08-23 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage: https://github.com/valokafor/SimplePHPQuiz Software Link:...
Fire Soft Board 2.1 Cross Site Scripting
Exploit Title: FSBFire Soft Board2 - Reflected Cross Site Scriptingindex.php Date: 2016-06-10 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage: http://www.fire-soft-board.com/ Software Link: https://github.com/FSB/Fire-Soft-Board-2/archive/dev.zip Version: 2.1 Tested on:...
MemHT Portal 4.0.1 - SQL Injection Code Execution
MemHT Portal 4.0.1 - SQL Injection Code Execution !/usr/bin/perl =about MemHT 4.0.1 Perl exploit AUTHOR discovered & written by Ams ax330d doggy gmail dot com VULN. DESCRIPTION: Due to weak params filtering we are able to make SQL-Injection. So, 1. Look at 'inc/ajax/ajaxrating.php', line 29. It i...