CWE:
 

Topic
Date
Author
High
Adobe ColdFusion 2018,15 / 2021,5 Arbitrary File Read
11.03.2024
Youssef Muhammad
Med.
Jenkins 2.441 / LTS 2.426.3 Arbitrary File Read
29.01.2024
binganao
Med.
Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Read
19.08.2023
Hank Leininger
Med.
OX App Suite SSRF / SQL Injection / Cross Site Scripting
03.08.2023
Mehmet Ince
High
Bludit < 3.13.1 Backup Plugin Arbitrary File Download (Authenticated)
11.07.2023
Antonio Cuomo (arkanto...
Med.
OX App Suite XSS / Information Disclosure / Authorization Bypass
09.05.2023
Martin Heiland
Med.
SecurePoint UTM 12.x Session ID Leak
18.04.2023
Julien Ahrens
Low
MiniDVBLinux 5.4 Arbitrary File Read
18.10.2022
LiquidWorm
High
Active eCommerce CMS 6.3.0 Arbitrary File Download
28.09.2022
th3d1gger
High
WordPress BackupBuddy 8.7.4.1 Arbitrary File Read
07.09.2022
Anonymouse
Low
SAP FRUN Simple Diagnostics Agent 1.0 Information Disclosure
22.06.2022
Yvan Genuer
Med.
Reolink E1 Zoom Camera 3.0.0.716 Private Key Disclosure
06.06.2022
Julien Ahrens
High
WordPress Amministrazione Aperta 3.7.3 Arbitrary File Read
24.03.2022
Hassan Khan Yusufzai
High
TermTalk Server 3.24.0.2 Arbitrary File Read
05.01.2022
Fabiano Golluscio
High
Oliver Library Server v5 Arbitrary File Download
19.12.2021
Mandeep Singh, Ishaan ...
Med.
Grafana 8.3.0 Directory Traversal / Arbitrary File Read
09.12.2021
s1gh
High
TestLink 1.19 Arbitrary File Download
09.12.2021
Gonzalo Villegas
Med.
WordPress DZS Zoomsounds 6.45 Arbitrary File Read
05.12.2021
Uriel Yochpaz
High
WordPress Plugin DZS Zoomsounds 6.45 Arbitrary File Read (Unauthenticated)
03.12.2021
Uriel Yochpaz
High
Wipro Holmes Orchestrator 20.4.1 Arbitrary File Download
16.11.2021
Rizal Muhammed
Med.
SAP Enterprise Portal Sensitive Data Disclosure
23.10.2021
Yvan Genuer
High
WordPress Duplicator 1.3.26 Arbitrary File Read
18.10.2021
nam3lum
High
Atlassian Confluence Server 7.5.1 Arbitrary File Read
06.10.2021
Mayank Deshmukh
Med.
WordPress BulletProof Security 5.1 Information Disclosure
06.10.2021
Ron Jost
Med.
Longjing Technology BEMS API 1.21 Remote Arbitrary File Download
30.07.2021
LiquidWorm
High
ES File Explorer 4.1.9.7.4 Arbitrary File Read
29.06.2021
Nehal Zaman
Med.
SAP Hybris eCommerce Information Disclosure
15.06.2021
Gaston Traberg
High
Hasura GraphQL 1.3.3 Arbitrary File Read
22.04.2021
Dolev Farhi
High
Novel Boutique House-plus 3.5.1 Arbitrary File Download
29.03.2021
tuyiqiang
Med.
Apache Flink 1.11.0 Unauthenticated Arbitrary File Read (Metasploit)
14.01.2021
Suncsr
Med.
Apache Flink 1.11.0 Arbitrary File Read / Directory Traversal
08.01.2021
SunCSR
Med.
WordPress Plugin W3 Total Cache Unauthenticated Arbitrary File Read (Metasploit)
06.01.2021
SunCSR
Med.
URVE Software Build 24.03.2020 Information Disclosure
30.12.2020
Erik Steltzner
Med.
Wordpress Plugin Duplicator 1.3.26 Unauthenticated Arbitrary File Read (Metasploit)
18.12.2020
Nguyen
High
Gitlab 12.9.0 Arbitrary File Read (Authenticated)
19.11.2020
Jasper Rasenberg
Low
Amazon Web Services - Database Disclosure (Sensitive Information)
13.09.2020
Gh05t666nero
Med.
HelloWeb 2.0 Arbitrary File Download
11.07.2020
bRpsd
High
jizhi CMS 1.6.7 Arbitrary File Download
21.04.2020
iej1ctk1g
High
Webtateas 2.0 Arbitrary File Read
15.04.2020
CBIITMC
Low
UniSharp Laravel File Manager 2.0.0 Arbitrary File Read
04.03.2020
NgoAnhDuc
Low
Antiprizuv Form-Data Log Emails Information Disclosure
26.12.2019
L4663r666h05t
High
IntelBras TELEFONE IP TIP200/200 LITE 60.61.75.15 Arbitrary File Read
03.09.2019
Todor Donev
Med.
Joomla JS Support Ticket 1.1.5 Arbitrary File Download
09.08.2019
qw3rTyTy
Med.
DuckSell 3.0.0 Database Disclosure
10.06.2019
KingSkrupellos
Med.
SmartLIB Library Software Database Disclosure
03.06.2019
KingSkrupellos
Med.
OpenEvSys Software 2.2 Database Disclosure
02.06.2019
KingSkrupellos
Med.
Open-EMR HealthCare Software 5.0.1 Database Disclosure
02.06.2019
KingSkrupellos
Med.
GinoCMS Software 2.x Database Disclosure
02.06.2019
KingSkrupellos
Med.
OCSInventory-NG Software CMS 2.6 RC Database Disclosure
02.06.2019
KingSkrupellos
Med.
AgniCMS 1.6 Database Disclosure
02.06.2019
KingSkrupellos
Low
Sierra Wireless AirLink ES450 ACEManager Embedded_Ace_Get_Task.cgi Information Disclosure
28.04.2019
Cisco Talos
Low
Sierra Wireless AirLink ES450 ACEManager Information Disclosure
28.04.2019
Cisco Talos
Med.
RingsDB Software 1.0.0 Database Disclosure
20.04.2019
KingSkrupellos
Med.
NIT-Warangal Dispensary Management System India 1.0 Database Disclosure
17.04.2019
KingSkrupellos
Med.
CyberShadeCMS v1 Database Disclosure
14.04.2019
KingSkrupellos
Med.
PragyanCMS 3.0 Beta Database Disclosure
14.04.2019
KingSkrupellos
Med.
TarichiCMS Web Publishing System v2 Database Disclosure
14.04.2019
KingSkrupellos
Med.
Opus Online Placement University System 4.2.0 Database Disclosure
12.04.2019
KingSkrupellos
Med.
OrangeScrum Project Management Software 1.6.1 Database Disclosure
12.04.2019
KingSkrupellos
Med.
Gibbonedu The Flexible School Platform 17.0.00 Database Disclosure
12.04.2019
KingSkrupellos
Med.
JobSkee Open Source JobBoard 1.1.3 Database Disclosure
12.04.2019
KingSkrupellos
Med.
MajorDoMo Domestic Module Database Disclosure
10.04.2019
KingSkrupellos
High
Themosis Framework BookStore 1.3.0 Database Disclosure
10.04.2019
KingSkrupellos
High
NekoCMS 2.5 Database Disclosure
10.04.2019
KingSkrupellos
High
YiiCMS JetBrains PHPStorm 6.0.3 Database Disclosure
10.04.2019
KingSkrupellos
Med.
Norbye CMS Database Disclosure
10.04.2019
KingSkrupellos
Med.
Nova CMS Software 3.77.3 Database Disclosure
08.04.2019
KingSkrupellos
Med.
NeoFragCMS Alpha 0.2.1 Database Disclosure
05.04.2019
KingSkrupellos
High
TheDayLightStudio GetFuelCMS 0.9.3 Database Disclosure
05.04.2019
KingSkrupellos
High
YonaCMS Software 1.3.2 Database Disclosure
05.04.2019
KingSkrupellos
Med.
Senayan Slims Meranti 5 Database Disclosure
04.04.2019
KingSkrupellos
Med.
ClipBucket 2.6 Database Disclosure
04.04.2019
KingSkrupellos
Med.
Luya CMS 1.0.0 Database Disclosure
04.04.2019
KingSkrupellos
Med.
OpenMonero MyMonero 1.1.9 Database Disclosure
04.04.2019
KingSkrupellos
Med.
RainCMS Alpha 1.0 Database Disclosure
04.04.2019
KingSkrupellos
Med.
Complaint Management System CMS 4.0.4.1 Database Disclosure
04.04.2019
KingSkrupellos
Med.
Mash Project Integrated 4.2.7.1 Database Disclosure Exploit
02.04.2019
KingSkrupellos
Med.
DataWrapper ProtoType 0.8 Database Disclosure Exploit
02.04.2019
KingSkrupellos
Med.
Ektron CMS 9 Database Disclosure Exploit
02.04.2019
KingSkrupellos
Med.
Shinobi Security Software 1.0 Database Disclosure Exploit
02.04.2019
KingSkrupellos
High
WordPress Ultimate Form Builder Plugins 1.0 Database Disclosure
28.03.2019
KingSkrupellos
Med.
WordPress 2.0.2 WP-Forum Plugins 1.7.8 Database Disclosure
27.03.2019
KingSkrupellos
Med.
Independent University of Bangladesh IUB Database Disclosure
22.03.2019
KingSkrupellos
Med.
F3-CMS FatFreeFramework 0.0.1 Database Disclosure
15.02.2019
KingSkrupellos
High
WordPress Ad Manager WD 1.0.11 Arbitrary File Download
29.01.2019
41!kh4224rDz
Med.
Papoo CMS PKalender Plugins 3.5 Database Disclosure
28.01.2019
KingSkrupellos
Med.
Joomla RSFirewall Components 2.11.25 Database and Password Disclosure
25.01.2019
KingSkrupellos
Med.
Joomla JVFramework Components 1.6.4.0 Database Disclosure
21.01.2019
KingSkrupellos
Med.
Joomla Akeeba Backup Components 6.3.3 Database Disclosure
19.01.2019
KingSkrupellos
Med.
Joomla FPSS Art Frontpage Slideshow Components 1.6.0 Database Disclosure / Open Redirection / SQL Injection
19.01.2019
KingSkrupellos
Low
Mozilla Firefox 64 Information Disclosure
18.01.2019
Dr. Vladimir Bostanov
Med.
Joomla ZHYandexMap Components 8.0.0.2 Database Disclosure
18.01.2019
KingSkrupellos
Med.
eBrigade ERP 4.5 Arbitrary File Download
11.01.2019
Ozkan Mustafa Akkus
Med.
Typo3 CMS twwc_pages Extension 8.7.x Database Disclosure
04.01.2019
KingSkrupellos
Med.
Typo3 CMS Site Crawler Extension 6.1.2 Database Disclosure
04.01.2019
KingSkrupellos
Med.
Typo3 CMS YAG Themepack jQuery Extension 1.3.2 Database Disclosure
04.01.2019
KingSkrupellos
Med.
Typo3 CMS Static Info Tables Extension 6.7.3 Database Disclosure
04.01.2019
KingSkrupellos
Med.
Typo3 CMS pw_highslide_gallery Extension 0.3.1 Database Disclosure
04.01.2019
KingSkrupellos
Med.
PrestaShop PM_ModalCart Modules 1.6.1.4 Database Disclosure
01.01.2019
KingSkrupellos
Med.
PrestaShop PM_AdvancedSearch4 Modules 1.6.1.18 Database Disclosure
01.01.2019
KingSkrupellos


CVEMAP Search Results

CVE
Details
Description
2024-04-21
Waiting for details
CVE-2024-4022

A vulnerability was found in Keenetic KN-1010, KN-1410, KN-1711, KN-1810 and KN-1910 up to 4.1.2.15. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /version.js of the component Version Data Handler. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-261674 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

 
2024-04-18
Waiting for details
CVE-2024-3928

A vulnerability was found in Dromara open-capacity-platform 2.0.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /actuator/heapdump of the component auth-server. The manipulation leads to information disclosure. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-261367.

 
2024-04-17
Waiting for details
CVE-2024-32506

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SoftLab Radio Player. This issue affects Radio Player: from n/a through 2.0.73.

 
2024-04-16
Waiting for details
CVE-2024-3574

In scrapy version 2.10.1, an issue was identified where the Authorization header, containing credentials for server authentication, is leaked to a third-party site during a cross-domain redirect. This vulnerability arises from the failure to remove the Authorization header when redirecting across domains. The exposure of the Authorization header to unauthorized actors could potentially allow for account hijacking.

 
Waiting for details
CVE-2024-32086

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in AitThemes Citadela Listing. This issue affects Citadela Listing: from n/a through 5.18.1.

 
2024-04-15
Waiting for details
CVE-2024-3774

aEnrich Technology a+HRD's functionality for front-end retrieval of system configuration values lacks proper restrictions on a specific parameter, allowing attackers to modify this parameter to access certain sensitive system configuration values.

 
Waiting for details
CVE-2024-3505

JFrog Artifactory Self-Hosted versions below 7.77.3 are vulnerable to sensitive information disclosure whereby a low-privileged authenticated user can read the proxy configuration. This does not affect JFrog cloud deployments.

 
Waiting for details
CVE-2024-3780

An information exposure vulnerability has been found in Technicolor CGA2121, affecting version 1.01. This vulnerability allows a local attacker to obtain sensitive information stored on the device, such as Wi-Fi network SSIDs and their respective passwords.

 
2024-04-12
Waiting for details
CVE-2024-3689

A vulnerability classified as problematic has been found in Zhejiang Land Zongheng Network Technology O2OA up to 20240403. Affected is an unknown function of the file /x_portal_assemble_surface/jaxrs/portal/list?v=8.2.3-4-43f4fe3. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is said to be difficult. The exploit has been disclosed to the public and may be used. VDB-260478 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

 
Waiting for details
CVE-2024-3706

Information exposure vulnerability in OpenGnsys affecting version 1.1.1d (Espeto). This vulnerability allows an attacker to view a php backup file (controlaccess.php-LAST) where database credentials are stored.

 

 


Copyright 2024, cxsecurity.com

 
