CWE:
 

Topic
Date
Author
Med.
Nanometrics Centaur / TitanSMA Unauthenticated Remote Memory Leak
19.02.2020
byteGoblin
Med.
Sentrifugo Human Resource Management System 3.2 File Disclosure
02.05.2019
KingSkrupellos
Med.
WordPress lbg_zoominoutslider Plugins 5.0.3 File Information Exposure
14.01.2019
KingSkrupellos
Med.
WordPress lbg-audio5-html5-shoutcast_sticky 4.9.x File Information Exposure
14.01.2019
KingSkrupellos
Med.
WordPress all_in_one_bannerWithPlaylist Plugins 5.0.3 File Information Exposure
14.01.2019
KingSkrupellos
Med.
WordPress all_in_one_bannerRotator Plugins 4.9.9 File Information Exposure
14.01.2019
KingSkrupellos
Med.
WordPress lbg-audio8-html5-radio_ads Plugins 4.9.x File Information Exposure
14.01.2019
KingSkrupellos
Med.
Sophos UTM 9 Management Appplication Local File Inclusion
25.10.2017
Matt Bergin
Low
SPIP 3.1.2 File Enumeration / Path Traversal
20.10.2016
Nicolas CHATELAIN


CVEMAP Search Results

CVE
Details
Description
2024-10-09
Waiting for details
CVE-2024-9671

Updating...
 

 
A vulnerability was found in 3Scale. There is no auth mechanism to see a PDF invoice of a Developer user if the URL is known. Anyone can see the invoice if the URL is known or guessed.

 
2024-01-02
Waiting for details
CVE-2024-0191

Updating...
 

 
A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/uploads/. The manipulation leads to file and directory information exposure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249504.

 
2023-11-23
Waiting for details
CVE-2023-4595

Updating...
 

 
An information exposure vulnerability has been found, the exploitation of which could allow a remote user to retrieve sensitive information stored on the server such as credential files, configuration files, application files, etc., simply by appending any of the following parameters to the end of the URL: %00 %0a, %20, %2a, %a0, %aa, %c0 and %ca.

 
2023-10-31
Waiting for details
CVE-2023-46723

Updating...
 

 
lte-pic32-writer is a writer for PIC32 devices. In versions 0.0.1 and prior, those who use `sendto.txt` are vulnerable to attackers who known the IMEI reading the sendto.txt. The sendto.txt file can contain the SNS(such as slack and zulip) URL and API key. As of time of publication, a patch is not yet available. As workarounds, avoid using `sendto.txt` or use `.htaccess` to block access to `sendto.txt`.

 
2023-10-16
Waiting for details
CVE-2023-4933

Updating...
 

 
The WP Job Openings WordPress plugin before 3.4.3 does not block listing the contents of the directories where it stores attachments to job applications, allowing unauthenticated visitors to list and download private attachments if the autoindex feature of the web server is enabled.

 
Waiting for details
CVE-2023-5003

Updating...
 

 
The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.10 stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains accessible to any users knowing the URL to do so.

 
2023-09-14
Waiting for details
CVE-2023-38558

Updating...
 

 
A vulnerability has been identified in SIMATIC PCS neo (Administration Console) V4.0 (All versions), SIMATIC PCS neo (Administration Console) V4.0 Update 1 (All versions). The affected application leaks Windows admin credentials. An attacker with local access to the Administration Console could get the credentials, and impersonate the admin user, thereby gaining admin access to other Windows systems.

 
2021-04-08
Waiting for details
CVE-2021-1406

Updating...
 

 
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to improper inclusion of sensitive information in downloadable files. An attacker could exploit this vulnerability by authenticating to an affected device and issuing a specific set of commands. A successful exploit could allow the attacker to obtain hashed credentials of system users. To exploit this vulnerability an attacker would need to have valid user credentials with elevated privileges.

 
2021-01-15
Low
CVE-2021-21250

Vendor: Onedev project
Software: Onedev
 

 
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a critical vulnerability which may lead to arbitrary file read. When BuildSpec is provided in XML format, the spec is processed by XmlBuildSpecMigrator.migrate(buildSpecString); which processes the XML document without preventing the expansion of external entities. These entities can be configured to read arbitrary files from the file system and dump their contents in the final XML document to be migrated. If the files are dumped in properties included in the YAML file, it will be possible for an attacker to read them. If not, it is possible for an attacker to exfiltrate the contents of these files Out Of Band. This issue was addressed in 4.0.3 by ignoring ENTITY instructions in xml file.

 
2019-08-21
Low
CVE-2019-12623

Updating...
 

 
A vulnerability in the web server functionality of Cisco Enterprise Network Functions Virtualization Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to perform file enumeration on an affected system. The vulnerability is due to the web server responding with different error codes for existing and non-existing files. An attacker could exploit this vulnerability by sending GET requests for different file names. A successful exploit could allow the attacker to enumerate files residing on the system.

 

 


Copyright 2024, cxsecurity.com

 

Back to Top