Headline

CVE-2022-39989: CVE-2022-39989

An issue was discovered in Fighting Cock Information System 1.0, which uses default credentials, but does not force nor prompt the administrators to change the credentials.

1 year ago

CVE

Open in Source

#vulnerability #php

> [VulnerabilityType Other]

>> Default Credentials

---------------------------------------------------------------

> [Affected Component]

>> Login page

---------------------------------------------------------------

> [Attack Type]

>> Remote

---------------------------------------------------------------

> [Impact Escalation of Privileges]

>> true

---------------------------------------------------------------

> [Attack Vectors]

>> Admin:Admin credentials posted publicly and does not

>> force a change upon login

---------------------------------------------------------------

> [Discoverer]

>> Hopscotch, Chez, Killa_Crab

---------------------------------------------------------------

> [Reference]

>> https://www.sourcecodester.com/php/12824/fighting-cock-information-system.html

---------------------------------------------------------------

> [Vendor of Product]

>> FIghting Cock Information System, crhisjelo

---------------------------------------------------------------

> [Affected Product Code Base]

>> Fighting Cock Information System All versions

---------------------------------------------------------------

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

1 year ago

1 year ago

1 year ago

1 year ago

1 year ago