CVE-2013-1625 – Titan FTP Administrative Password Disclosure
https://notcve.org/view.php?id=CVE-2013-1625
On Titan FTP servers prior to version 9.14.1628, an attacker can retrieve the username and password for the administrative XML-RPC interface, which listens on TCP port 31001 by default, by sending an XML request containing bogus authentication information. ... With this information, an attacker has complete control over the FTP service, which includes the ability to add and remove FTP users, as well as add, remove, and modify available directories and their permissions.
CVE-2024-39747 – IBM Sterling Connect:Direct Web Services information disclosure
https://notcve.org/view.php?id=CVE-2024-39747
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 uses default credentials for potentially critical functionality. • https://exchange.xforce.ibmcloud.com/vulnerabilities/297314 https://www.ibm.com/support/pages/node/7166947 • CWE-1392: Use of Default Credentials
CVE-2024-34018
https://notcve.org/view.php?id=CVE-2024-34018
Sensitive information disclosure due to insecure folder permissions. • https://security-advisory.acronis.com/advisories/SEC-4196 • CWE-276: Incorrect Default Permissions
CVE-2024-35118 – IBM MaaS360 information disclosure
https://notcve.org/view.php?id=CVE-2024-35118
IBM MaaS360 for Android 6.31 through 8.60 uses hard-coded credentials that can be obtained by a user with physical access to the device. • https://www.ibm.com/support/pages/node/7166750 https://exchange.xforce.ibmcloud.com/vulnerabilities/290341 • CWE-798: Use of Hard-coded Credentials
CVE-2024-8303 – dingfanzu CMS getBasicInfo.php sql injection
https://notcve.org/view.php?id=CVE-2024-8303
This is why information about affected and unaffected releases is unavailable. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. • https://github.com/Xor-Gerke/webray.com.cn/blob/main/cve/dingfanzu-CMS/dingfanzu-CMS%20getBasicInfo.php%20username%20SQL-inject.md https://vuldb.com/?ctiid.276075 https://vuldb.com/?id.276075 https://vuldb.com/?submit.396298 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')