inf0seq

2 exploits Active since Jan 2019
CVE-2019-6499 WRITEUP HIGH WRITEUP
Teradata Viewpoint < 14.0 and 16.20.00.02-b80 - Use of Hard-coded Credentials
Teradata Viewpoint before 14.0 and 16.20.00.02-b80 contains a hardcoded password of TDv1i2e3w4 for the viewpoint database account (in viewpoint-portal\conf\server.xml) that could potentially be exploited by malicious users to compromise the affected system.
CVSS 8.1
CVE-2019-6500 WRITEUP HIGH WRITEUP
Axway File Transfer Direct 2.7.1 - Unauthenticated Path Traversal via %2e Encoding Bypass
In Axway File Transfer Direct 2.7.1, an unauthenticated Directory Traversal vulnerability can be exploited by issuing a specially crafted HTTP GET request with %2e instead of '.' characters, as demonstrated by an initial /h2hdocumentation//%2e%2e/ substring.
CVSS 7.5