Lucene search
K
Notify TechnologyNotifylink

4 matches found

CVE
CVE
added 2005/03/20 5:0 a.m.58 views

CVE-2005-0812

The CVE-2005-0812 issue affects NotifyLink 3.0 where the web interface displays user passwords in cleartext on the administrative page. root cause: passwords are stored and exposed via the admin UI, enabling an attacker with web/admin access or local access to obtain credentials. Impact per sourc...

5CVSS6.3AI score0.01647EPSS
CVE
CVE
added 2005/03/20 5:0 a.m.53 views

CVE-2005-0809

CVE-2005-0809 affects NotifyLink server: when client key retrieval is enabled, an unauthenticated HTTP POST to /hwp/get.asp can disclose AES keys. The server uses a fixed byte reordering scheme to obfuscate the key, substantially weakening cryptographic protection and enabling brute-force recover...

7.5CVSS6.6AI score0.01198EPSS
CVE
CVE
added 2005/03/20 5:0 a.m.47 views

CVE-2005-0810

CVE-2005-0810: NotifyLink contains SQL injection vulnerabilities affecting NotifyLink Server (pre-3.0). Unauthenticated remote attackers can append SQL via various URLs to view/modify the NotifyLink SQL database; impact includes unauthorized user creation, password changes, and data exposure. The...

7.5CVSS8.4AI score0.01512EPSS
CVE
CVE
added 2005/03/20 5:0 a.m.44 views

CVE-2005-0811

CVE-2005-0811 concerns the NotifyLink 3.0 web interface, where authenticated users can bypass GUI-enabled access restrictions by issuing direct requests to restricted URLs. The underlying issue is ineffective server-side access control for features that are disabled in the user interface, enablin...

4.6CVSS6.3AI score0.00658EPSS