|
313671
|
- |
|
openldap
|
openldap
|
ldbm_back_exop_passwd in the back-ldbm backend in passwd.c for OpenLDAP 2.1.12 and earlier, when the slap_passwd_parse function does not return LDAP_SUCCESS, attempts to free an uninitialized pointer…
|
CWE-824
Access of Uninitialized Pointer
|
CVE-2003-1201
|
2024-02-14 02:43 |
2003-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313672
|
7.5 |
HIGH
Network
|
cisco
|
unified_wireless_ip_phone_7920_firmware
|
Cisco IP Phone (VoIP) 7920 1.0(8) contains certain hard-coded ("fixed") public and private SNMP community strings that cannot be changed, which allows remote attackers to obtain sensitive information.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2005-3803
|
2024-02-14 01:48 |
2005-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313673
|
7.5 |
HIGH
Network
|
utstarcom
|
f1000_wi-fi_firmware
|
The SNMP daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 has hard-coded public credentials that cannot be changed, which allows attackers to obtain sensitive…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2005-3716
|
2024-02-14 01:48 |
2005-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313674
|
9.8 |
CRITICAL
Network
|
arkeia
|
network_backup
|
Arkeia Network Backup Client 5.x contains hard-coded credentials that effectively serve as a back door, which allows remote attackers to access the file system and possibly execute arbitrary commands.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2005-0496
|
2024-02-14 01:48 |
2005-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313675
|
- |
|
iisprotect
|
iisprotect
|
SQL injection vulnerability in the web-based administration interface for iisPROTECT 2.2-r4, and possibly earlier versions, allows remote attackers to insert arbitrary SQL and execute code via certai…
|
CWE-89
SQL Injection
|
CVE-2003-0377
|
2024-02-14 01:47 |
2003-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313676
|
9.8 |
CRITICAL
Network
|
linksys
|
wap54g_firmware
|
Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded username (Gemtek) and password (gemtekswd) for a debug interface for certain web pages, which allows remote attackers to execute arbitr…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2010-1573
|
2024-02-14 01:43 |
2010-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313677
|
5.5 |
MEDIUM
Local
|
pgp
|
personal_privacy
|
Microsoft Outlook plug-in PGP version 7.0, 7.0.3, and 7.0.4 silently saves a decrypted copy of a message to hard disk when "Automatically decrypt/verify when opening messages" option is checked, "Alw…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2002-1696
|
2024-02-14 01:20 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313678
|
- |
|
cgiscript
|
cssearch_professional
|
csSearch.cgi in csSearch 2.3 and earlier allows remote attackers to execute arbitrary Perl code via the savesetup command and the setup parameter, which overwrites the setup.cgi configuration file th…
|
CWE-94
Code Injection
|
CVE-2002-0495
|
2024-02-14 01:20 |
2002-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313679
|
9.8 |
CRITICAL
Network
|
xitami
|
xitami
|
Xitami 2.4 through 2.5 b4 stores the Administrator password in plaintext in the default.aut file, whose default permissions are world-readable, which allows remote attackers to gain privileges.
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2001-1481
|
2024-02-14 01:20 |
2001-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313680
|
7.5 |
HIGH
Network
|
ipswitch
|
imail
|
IMail stores usernames and passwords in cleartext in a cookie, which allows remote attackers to obtain sensitive information.
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2005-2160
|
2024-02-14 01:19 |
2005-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
