Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
password manager vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2005-3290
SQL injection vulnerability in Accelerated Mortgage Manager allows remote malicious users to execute arbitrary SQL commands via the password field.
Accelerated Enterprise Solutions Accelerated Mortgage Manager
1 EDB exploit
505
VMScore
CVE-2000-0350
A debugging feature in NetworkICE ICEcap 2.0.23 and previous versions is enabled, which allows a remote malicious user to bypass the weak authentication and post unencrypted events.
Networkice Icecap Manager
1 EDB exploit
685
VMScore
CVE-2009-4827
Cross-site request forgery (CSRF) vulnerability in admin.php in Mail Manager Pro allows remote malicious users to hijack the authentication of administrators for requests that change the admin password via a change action.
Scriptez Mail Manager Pro
1 EDB exploit
187
VMScore
CVE-2002-0712
Entrust Authority Security Manager (EASM) 6.0 does not properly require multiple master users to change the password of a master user, which could allow a master user to perform operations that require multiple authorizations.
Entrust Entrust Authority Security Manager 5.0
Entrust Entrust Authority Security Manager 6.0
725
VMScore
CVE-2000-0516
When configured to store configuration information in an LDAP directory, Shiva Access Manager 5.0.0 stores the root DN (Distinguished Name) name and password in cleartext in a file that is world readable, which allows local users to compromise the LDAP server.
Intel Shiva Access Manager 5.0
1 EDB exploit
505
VMScore
CVE-2005-0506
The Avaya IP Office Phone Manager, and other products such as the IP Softphone, stores sensitive data in cleartext in a registry key, which allows local and possibly remote users to steal usernames and passwords and impersonate other users via keys such as Avaya\IP400\Generic.
Avaya Ip Office Phone Manager
Avaya Ip Soft Phone
1 EDB exploit
187
VMScore
CVE-2016-8916
IBM Tivoli Storage Manager 5.5, 6.1-6.4, and 7.1 stores password information in a log file that could be read by a local user when a set password command is issued. IBM X-Force ID: 118472.
Ibm Tivoli Storage Manager 6.4.1.0
Ibm Tivoli Storage Manager 6.4.2.500
Ibm Tivoli Storage Manager 6.4.3
Ibm Tivoli Storage Manager 7.1.0.1
Ibm Tivoli Storage Manager 7.1.0.3
Ibm Tivoli Storage Manager 7.1.3
Ibm Tivoli Storage Manager 7.1.3.1
Ibm Tivoli Storage Manager 7.1.4.2
Ibm Tivoli Storage Manager 7.1.5.200
Ibm Tivoli Storage Manager 7.1.6.2
Ibm Tivoli Storage Manager 7.1.6.3
Ibm Tivoli Storage Manager 7.1.6.4
Ibm Tivoli Storage Manager 7.1
Ibm Tivoli Storage Manager 7.1.3.2
Ibm Tivoli Storage Manager 7.1.3.100
Ibm Tivoli Storage Manager 7.1.4
Ibm Tivoli Storage Manager 7.1.4.1
Ibm Tivoli Storage Manager 6.4.1
Ibm Tivoli Storage Manager 6.4.2
Ibm Tivoli Storage Manager 6.4.2.100
Ibm Tivoli Storage Manager 6.4.2.200
Ibm Tivoli Storage Manager 7.1.1.1
187
VMScore
CVE-2017-1339
IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) Server uses weak encryption for the password. A database administrator may be able to decrypt the IBM Spectrum protect client or administrator password which can result in information disclosure or a denial of ser...
Ibm Tivoli Storage Manager 6.1.4
Ibm Tivoli Storage Manager 6.1.5.4
Ibm Tivoli Storage Manager 6.2.4
Ibm Tivoli Storage Manager 6.3.0.5
Ibm Tivoli Storage Manager 6.3.2.2
Ibm Tivoli Storage Manager 6.3.4
Ibm Tivoli Storage Manager 6.4.2
Ibm Tivoli Storage Manager 6.4.2.200
Ibm Tivoli Storage Manager 7.1.0.1
Ibm Tivoli Storage Manager 7.1.0.3
Ibm Tivoli Storage Manager 7.1.1.200
Ibm Tivoli Storage Manager 7.1.3
Ibm Tivoli Storage Manager 7.1.4.2
Ibm Tivoli Storage Manager 7.1.5.200
Ibm Tivoli Storage Manager 8.1.1.100
Ibm Tivoli Storage Manager 6.1
Ibm Tivoli Storage Manager 6.1.0
Ibm Tivoli Storage Manager 6.1.1
Ibm Tivoli Storage Manager 6.1.2
Ibm Tivoli Storage Manager 6.3.0.15
Ibm Tivoli Storage Manager 6.3.0.17
Ibm Tivoli Storage Manager 6.3.1
765
VMScore
CVE-2008-4427
changepassword.php in Phlatline's Personal Information Manager (pPIM) 1.0 and previous versions does not require administrative authentication, which allows remote malicious users to change arbitrary passwords.
Phlatline Personal Information Manager
3 EDB exploits
1000
VMScore
CVE-2008-4428
Unrestricted file upload vulnerability in upload.php in Phlatline's Personal Information Manager (pPIM) 1.0 and previous versions allows remote malicious users to execute arbitrary code by uploading a .php file, then accessing it via a direct request to the file in the top-l...
Phlatline Personal Information Manager
3 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »