Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
password manager vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2005-3290
SQL injection vulnerability in Accelerated Mortgage Manager allows remote malicious users to execute arbitrary SQL commands via the password field.
Accelerated Enterprise Solutions Accelerated Mortgage Manager
1 EDB exploit
5
CVSSv2
CVE-2000-0350
A debugging feature in NetworkICE ICEcap 2.0.23 and previous versions is enabled, which allows a remote malicious user to bypass the weak authentication and post unencrypted events.
Networkice Icecap Manager
1 EDB exploit
6.8
CVSSv2
CVE-2009-4827
Cross-site request forgery (CSRF) vulnerability in admin.php in Mail Manager Pro allows remote malicious users to hijack the authentication of administrators for requests that change the admin password via a change action.
Scriptez Mail Manager Pro
1 EDB exploit
2.1
CVSSv2
CVE-2002-0712
Entrust Authority Security Manager (EASM) 6.0 does not properly require multiple master users to change the password of a master user, which could allow a master user to perform operations that require multiple authorizations.
Entrust Entrust Authority Security Manager 5.0
Entrust Entrust Authority Security Manager 6.0
7.2
CVSSv2
CVE-2000-0516
When configured to store configuration information in an LDAP directory, Shiva Access Manager 5.0.0 stores the root DN (Distinguished Name) name and password in cleartext in a file that is world readable, which allows local users to compromise the LDAP server.
Intel Shiva Access Manager 5.0
1 EDB exploit
5
CVSSv2
CVE-2005-0506
The Avaya IP Office Phone Manager, and other products such as the IP Softphone, stores sensitive data in cleartext in a registry key, which allows local and possibly remote users to steal usernames and passwords and impersonate other users via keys such as Avaya\IP400\Generic.
Avaya Ip Office Phone Manager
Avaya Ip Soft Phone
1 EDB exploit
2.1
CVSSv2
CVE-2016-8916
IBM Tivoli Storage Manager 5.5, 6.1-6.4, and 7.1 stores password information in a log file that could be read by a local user when a set password command is issued. IBM X-Force ID: 118472.
Ibm Tivoli Storage Manager 6.4.1.0
Ibm Tivoli Storage Manager 6.4.2.500
Ibm Tivoli Storage Manager 6.4.3
Ibm Tivoli Storage Manager 7.1.0.1
Ibm Tivoli Storage Manager 7.1.0.3
Ibm Tivoli Storage Manager 7.1.3
Ibm Tivoli Storage Manager 7.1.3.1
Ibm Tivoli Storage Manager 7.1.4.2
Ibm Tivoli Storage Manager 7.1.5.200
Ibm Tivoli Storage Manager 7.1.6.2
Ibm Tivoli Storage Manager 7.1.6.3
Ibm Tivoli Storage Manager 7.1.6.4
Ibm Tivoli Storage Manager 7.1
Ibm Tivoli Storage Manager 7.1.3.2
Ibm Tivoli Storage Manager 7.1.3.100
Ibm Tivoli Storage Manager 7.1.4
Ibm Tivoli Storage Manager 7.1.4.1
Ibm Tivoli Storage Manager 6.4.1
Ibm Tivoli Storage Manager 6.4.2
Ibm Tivoli Storage Manager 6.4.2.100
Ibm Tivoli Storage Manager 6.4.2.200
Ibm Tivoli Storage Manager 7.1.1.1
2.1
CVSSv2
CVE-2017-1339
IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) Server uses weak encryption for the password. A database administrator may be able to decrypt the IBM Spectrum protect client or administrator password which can result in information disclosure or a denial of ser...
Ibm Tivoli Storage Manager 6.1.4
Ibm Tivoli Storage Manager 6.1.5.4
Ibm Tivoli Storage Manager 6.2.4
Ibm Tivoli Storage Manager 6.3.0.5
Ibm Tivoli Storage Manager 6.3.2.2
Ibm Tivoli Storage Manager 6.3.4
Ibm Tivoli Storage Manager 6.4.2
Ibm Tivoli Storage Manager 6.4.2.200
Ibm Tivoli Storage Manager 7.1.0.1
Ibm Tivoli Storage Manager 7.1.0.3
Ibm Tivoli Storage Manager 7.1.1.200
Ibm Tivoli Storage Manager 7.1.3
Ibm Tivoli Storage Manager 7.1.4.2
Ibm Tivoli Storage Manager 7.1.5.200
Ibm Tivoli Storage Manager 8.1.1.100
Ibm Tivoli Storage Manager 6.1
Ibm Tivoli Storage Manager 6.1.0
Ibm Tivoli Storage Manager 6.1.1
Ibm Tivoli Storage Manager 6.1.2
Ibm Tivoli Storage Manager 6.3.0.15
Ibm Tivoli Storage Manager 6.3.0.17
Ibm Tivoli Storage Manager 6.3.1
10
CVSSv2
CVE-2008-4428
Unrestricted file upload vulnerability in upload.php in Phlatline's Personal Information Manager (pPIM) 1.0 and previous versions allows remote malicious users to execute arbitrary code by uploading a .php file, then accessing it via a direct request to the file in the top-l...
Phlatline Personal Information Manager
3 EDB exploits
7.5
CVSSv2
CVE-2008-4427
changepassword.php in Phlatline's Personal Information Manager (pPIM) 1.0 and previous versions does not require administrative authentication, which allows remote malicious users to change arbitrary passwords.
Phlatline Personal Information Manager
3 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »