An information disclosure vulnerability has been found in the GeoVision GV-ASManager web application with version 6.1.0.0 or lower. This vulnerability allows unauthorized access to sensitive information within the application, such as user accounts and clear text passwords, potentially leading to unauthorized access to monitoring cameras, access cards, and other critical data.
The ABB Cylon Aspect version 3.08.02 application is vulnerable to storing sensitive information in clear text within a Cookie. This includes the global parameter, where base64-encoded credentials are stored. By exploiting this vulnerability, a remote attacker can intercept the HTTP Cookie, gaining access to authentication credentials through a man-in-the-middle attack, potentially leading to unauthorized access to user accounts and sensitive data.
The SAPGateBreaker exploit leverages CVE-2022-22536 to perform HTTP Request Smuggling on SAP NetWeaver Application Server. This exploit allows for ACL bypass and internal access through a Content-Length-based technique.
An API-level vulnerability in Nagios Log Server 2024R1.3.1 allows any user with a valid API token to retrieve a full list of user accounts along with their plaintext API keys, including administrator credentials. This flaw enables user enumeration, privilege escalation, and full system compromise via unauthorized use of exposed tokens.
The exploit involves abusing MS Office URI schemes to fetch a document from a remote source. By invoking a specific URI scheme on a victim computer, an attacker can capture and relay NTLMv2 hash over SMB and HTTP.
An authenticated attacker can access critical information via the system logs page of ABB Cylon FLXeon controllers, including the OpenSSL password for stored certificates. This data exposure can lead to potential attacks like decrypting encrypted communications, impersonation, or gaining deeper system access.
DataEase 2.4.0 to 2.5.0 allows remote attackers to obtain sensitive information via a crafted request to /de2api/engine/getEngine;.js, which results in the disclosure of database configuration details such as username, password, and port.
The exploit allows an attacker to enumerate valid usernames on Webmin Usermin version 2.100. By sending requests to the password change endpoint with different usernames, the attacker can identify existing user accounts based on the server's responses.
Drupal 11.x-dev Full Path Disclosure Vulnerability: core/authorize.php allows Full Path Disclosure even when error logging is None if the value of hash_salt is file_get_contents of a file that does not exist.
Usermin version 2.100 allows an attacker to enumerate valid usernames by sending requests to the password_change.cgi endpoint. By observing the responses, an attacker can identify valid usernames on the system.
Services By CQR