Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
password manager vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2014-9372
Directory traversal vulnerability in the UploadAccountActivities servlet in ManageEngine Password Manager Pro (PMP) prior to 7103 allows remote malicious users to delete arbitrary files via a .. (dot dot) in a filename.
Manageengine Password Manager Pro
4.3
CVSSv2
CVE-2019-10676
An issue exists in Uniqkey Password Manager 1.14. Upon entering new credentials to a site that is not registered within this product, a pop-up window will appear prompting the user if they want to save this new password. This pop-up window will persist on any page the user enters...
Uniqkey Password Manager 1.14
4.3
CVSSv2
CVE-2019-10845
An issue exists in Uniqkey Password Manager 1.14. When entering new credentials to a site that isn't registered within this product, a pop-up window will appear asking the user if they want to save these new credentials. The code of the pop-up window can be read and, to some...
Uniqkey Password Manager 1.14
5
CVSSv2
CVE-2020-7962
An issue exists in One Identity Password Manager 5.8. An attacker could enumerate valid answers for a user. It is possible for an malicious user to detect a valid answer based on the HTTP response content, and reuse this answer later for a password reset on a chosen password. The...
Oneidentity Password Manager 5.8
4.3
CVSSv2
CVE-2018-18362
Norton Password Manager for Android (formerly Norton Identity Safe) may be susceptible to a cross site scripting (XSS) exploit, which is a type of issue that can enable malicious users to inject client-side scripts into web pages viewed by other users. A cross-site scripting vuln...
Symantec Norton Password Manager
5
CVSSv2
CVE-2018-18365
Norton Password Manager may be susceptible to an address spoofing issue. This type of issue may allow an malicious user to disguise their origin IP address in order to obfuscate the source of network traffic.
Symantec Norton Password Manager
2.1
CVSSv2
CVE-2004-1902
The Citrix MetaFrame Password Manager 2.0, when a central credential store is not configured, does not encrypt passwords entered immediately after executing the First Time User Wizards, which allows local users to gain sensitive information.
Citrix Metaframe Password Manager 2.0
6.5
CVSSv2
CVE-2014-8498
SQL injection vulnerability in BulkEditSearchResult.cc in ManageEngine Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition prior to 7.1 build 7105 allows remote authenticated users to execute arbitrary SQL commands via the SEARCH_ALL parame...
Zohocorp Manageengine Password Manager Pro
1 EDB exploit
4.3
CVSSv2
CVE-2019-12880
BCN Quark Quarking Password Manager 3.1.84 suffers from a clickjacking vulnerability caused by allowing * within web_accessible_resources. An attacker can take advantage of this vulnerability and cause significant harm.
Bcnquark Quarking Password Manager 3.1.84
4.3
CVSSv2
CVE-2017-17698
Zoho ManageEngine Password Manager Pro 9 prior to 9.4 (9400) has reflected XSS in SearchResult.ec and BulkAccessControlView.ec.
Zohocorp Manageengine Password Manager Pro
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »