Search | WebPortal | Contact Us
Recent News
Languages


Search
You can use the form below to search our site. Just enter the keywords to search.










Results 51 - 55 of 58 Page 11 of 12
back 1 2 3 4 5 6 7 8 9 10 11 12 - Next Results per-page: 5 | 10 | 20 | 50

Title QPC MegaBrowser Multiple Vulnerabilities
Info QPC MegaBrowser is a webserver / FTP server in one. Aimed at home users and small business who would like to run their own FTP and HTTP servers. However it is vulnerable to a directory traversal vulnerability which allows access to any file on the system as well as directory viewing of the root web directory. There is also a user enumeration vulnerability in the FTP server that allows an attacker to enumerate valid usernames.
Date June 04, 2022
BID 7802   7803  
Credit James Bercegay


Title Vulns In Pablo Software Solutions FTP Service 1.2
Info FTPService.exe is a service-version of Pablo's FTP Server. This service enables you to have the Pablo FTP server active even when you're not logged into Windows. By default this application is totally open to compromise, and also leaves the users machine open to attacks by allowing access to any file in the C drive. This can be prevented by changing privileges of, or disabling access to the anonymous account. The passwords for Pablo FTP Service are also stored in plaintext, which can definitely be a big threat if the default anonymous account is enabled.
Date June 03, 2022
BID 7799   7801  
Credit James Bercegay


Title WinMX Plaintext Password Vulnerabilities
Info WinMX 2.6 is an older version of the popular file sharing client WinMX. While the current version is 3.31, 2.6 still remains quite popular. Especially amongst users on private networks. I believe this is largely due to the fact that 2.6 does not have the option to output .wsx file (WinMX server list files) This helps keep the addresses for private OpenNap servers out of the hands of uninvited users (amongst other reasons). The problems with WinMX 2.6 is that it provides pretty much NO password protection. This can be exploited both locally and remotely. Again, I think all of us have seen the bad habit that most people have of using the same password for multiple accounts etc etc.
Date June 02, 2022
BID 7771  
Credit James Bercegay


Title Vulnerabilities In P-Synch Password Management
Info P-Synch is a total password management solution. It is intended to reduce the cost of ownership of password systems, and simultaneously improve the security of password protected systems. This is done through: Password Synchronization. Enforcing an enterprise wide password strength policy. Allowing authenticated users to reset their own forgotten passwords and enable their locked out accounts. Streamlining help desk call resolution for password resets. P-Synch is available for both internal use, on the corporate Intranet, as well as for the Internet deployment in B2B and B2C applications. There are a few vulnerabilities in P-Synch such as path disclosure, cross site scripting, and arbitrary file inclusion. Users should upgrade immediately.
Date May 30, 2022
BID 7740   7745   7747  
Credit James Bercegay


Title Invision Board Plaintext Password Vulnerability
Info Invision Board has been stores restricted forum credentials as plain text embedded in cookie data. These are the forums where you need a password to get access into the forum. If the Invision Board admin 'pass protected' option is activated for a specific forum, on attempted access to the controlled area, the restricted forum password is stored as plaintext in a local cookie. This is dangerous because if an attacker can steal the legit users cookie via cross site scripting or some other method, then they can gain access to the restricted forum(s). This vulnerability affects all versions of Invision Power Board. Users should under no circumstances disclose any sensitive or personal information on these "restricted" forums, as they are not secure and prone to attack.
Date April 25, 2022
BID 7440  
Credit James Bercegay

back 1 2 3 4 5 6 7 8 9 10 11 12 - Next Results per-page: 5 | 10 | 20 | 50
Results 51 - 55 of 58 Page 11 of 12




Copyright 2004 GulfTech Research And Development, All Rights Reserved