|
317331
|
7.5 |
HIGH
Network
|
netsourcecommerce
|
productcart
|
EarlyImpact ProductCart uses a weak encryption scheme to encrypt passwords, which allows remote attackers to obtain the password via a chosen plaintext attack.
|
CWE-326
Inadequate Encryption Strength
|
CVE-2004-2172
|
2024-02-15 01:58 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317332
|
- |
|
cgiscript
|
csguestbook
|
csGuestbook.cgi in CGISCRIPT.NET csGuestbook 1.0 allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.
|
CWE-94
Code Injection
|
CVE-2002-1750
|
2024-02-15 01:57 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317333
|
- |
|
cgiscript
|
cschat-r-box
|
csChatRBox.cgi in CGIScript.net csChat-R-Box allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.
|
CWE-94
Code Injection
|
CVE-2002-1752
|
2024-02-15 01:57 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317334
|
- |
|
cgiscript
|
csnews_professional
|
csNewsPro.cgi in CGIScript.net csNews Professional (csNewsPro) allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.
|
CWE-94
Code Injection
|
CVE-2002-1753
|
2024-02-15 01:56 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317335
|
5.5 |
MEDIUM
Local
|
daansystems
|
newsreactor
|
NewsReactor 1.0 uses a weak encryption scheme, which could allow local users to decrypt the passwords and gain access to other users' newsgroup accounts.
|
CWE-326
Inadequate Encryption Strength
|
CVE-2002-1682
|
2024-02-15 01:55 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317336
|
7.8 |
HIGH
Local
|
mckesson
|
pathways_homecare
|
Pathways Homecare 6.5 uses weak encryption for user names and passwords, which allows local users to gain privileges by recovering the passwords from the pwhc.ini file.
|
CWE-326
Inadequate Encryption Strength
|
CVE-2001-1546
|
2024-02-15 01:55 |
2001-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317337
|
9.8 |
CRITICAL
Network
|
arkeia
|
arkeia
|
Knox Arkeia server 4.2, and possibly other versions, uses a constant salt when encrypting passwords using the crypt() function, which makes it easier for an attacker to conduct brute force password g…
|
CWE-916
Use of Password Hash With Insufficient Computational Effort
|
CVE-2001-0967
|
2024-02-15 01:55 |
2001-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317338
|
7.8 |
HIGH
Local
|
spectrumcu
|
cash_receipting_system
|
Spectrum Cash Receipting System before 6.504 uses weak cryptography (static substitution) in the PASSFILE password file, which makes it easier for local users to gain privileges by decrypting a passw…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2005-4860
|
2024-02-15 01:54 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317339
|
- |
|
plainblack
|
webgui
|
Multiple eval injection vulnerabilities in PlainBlack Software WebGUI before 6.7.3 allow remote attackers to execute arbitrary Perl code via (1) Help.pm, (2) International.pm, or (3) WebGUI.pm.
|
CWE-94
Code Injection
|
CVE-2005-2837
|
2024-02-15 01:53 |
2005-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317340
|
7.5 |
HIGH
Network
|
vtun_project
|
vtun
|
Electronic Code Book (ECB) mode in VTun 2.0 through 2.5 uses a weak encryption algorithm that produces the same ciphertext from the same plaintext blocks, which could allow remote attackers to gain s…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2002-1697
|
2024-02-15 00:51 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
