Durito

Name of the Vulnerable Software and Affected Versions: Stride version 1.0 Description: The issue allows remote attackers to obtain administrative access due to a default administrator username and password. The default username is `scott` and the default password is `running`. This can be exploited through the "login.php" endpoint. Recommendations: For Stride version 1.0, change the default administrator username and password to secure credentials as soon as possible to prevent unauthorized access. Consider temporarily restricting access to the "login.php" endpoint until the default credentials are changed.

Name of the Vulnerable Software and Affected Versions: enVivo!CMS (affected versions not specified) Description: The issue allows remote attackers to execute arbitrary SQL commands and gain privileges. This can be achieved via the `username` or `password` parameters to the "admin login.asp" API endpoint, or the `searchstring` and possibly the `ID` parameters to the "default.asp" API endpoint. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.