Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
CWE
:
Topic
Date
Author
Med.
Nanometrics Centaur / TitanSMA Unauthenticated Remote Memory Leak
19.02.2020
byteGoblin
Med.
Sentrifugo Human Resource Management System 3.2 File Disclosure
02.05.2019
KingSkrupellos
Med.
WordPress lbg_zoominoutslider Plugins 5.0.3 File Information Exposure
14.01.2019
KingSkrupellos
Med.
WordPress lbg-audio5-html5-shoutcast_sticky 4.9.x File Information Exposure
14.01.2019
KingSkrupellos
Med.
WordPress all_in_one_bannerWithPlaylist Plugins 5.0.3 File Information Exposure
14.01.2019
KingSkrupellos
Med.
WordPress all_in_one_bannerRotator Plugins 4.9.9 File Information Exposure
14.01.2019
KingSkrupellos
Med.
WordPress lbg-audio8-html5-radio_ads Plugins 4.9.x File Information Exposure
14.01.2019
KingSkrupellos
Med.
Sophos UTM 9 Management Appplication Local File Inclusion
25.10.2017
Matt Bergin
Low
SPIP 3.1.2 File Enumeration / Path Traversal
20.10.2016
Nicolas CHATELAIN
CVEMAP Search Results
CVE
Details
Description
2024-10-09
CVE-2024-9671
Updating...
A vulnerability was found in 3Scale. There is no auth mechanism to see a PDF invoice of a Developer user if the URL is known. Anyone can see the invoice if the URL is known or guessed.
2024-01-02
CVE-2024-0191
Updating...
A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/uploads/. The manipulation leads to file and directory information exposure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249504.
2023-11-23
CVE-2023-4595
Updating...
An information exposure vulnerability has been found, the exploitation of which could allow a remote user to retrieve sensitive information stored on the server such as credential files, configuration files, application files, etc., simply by appending any of the following parameters to the end of the URL: %00 %0a, %20, %2a, %a0, %aa, %c0 and %ca.
2023-10-31
CVE-2023-46723
Updating...
lte-pic32-writer is a writer for PIC32 devices. In versions 0.0.1 and prior, those who use `sendto.txt` are vulnerable to attackers who known the IMEI reading the sendto.txt. The sendto.txt file can contain the SNS(such as slack and zulip) URL and API key. As of time of publication, a patch is not yet available. As workarounds, avoid using `sendto.txt` or use `.htaccess` to block access to `sendto.txt`.
2023-10-16
CVE-2023-4933
Updating...
The WP Job Openings WordPress plugin before 3.4.3 does not block listing the contents of the directories where it stores attachments to job applications, allowing unauthenticated visitors to list and download private attachments if the autoindex feature of the web server is enabled.
CVE-2023-5003
Updating...
The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.10 stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains accessible to any users knowing the URL to do so.
2023-09-14
CVE-2023-38558
Updating...
A vulnerability has been identified in SIMATIC PCS neo (Administration Console) V4.0 (All versions), SIMATIC PCS neo (Administration Console) V4.0 Update 1 (All versions). The affected application leaks Windows admin credentials. An attacker with local access to the Administration Console could get the credentials, and impersonate the admin user, thereby gaining admin access to other Windows systems.
2021-04-08
CVE-2021-1406
Updating...
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to improper inclusion of sensitive information in downloadable files. An attacker could exploit this vulnerability by authenticating to an affected device and issuing a specific set of commands. A successful exploit could allow the attacker to obtain hashed credentials of system users. To exploit this vulnerability an attacker would need to have valid user credentials with elevated privileges.
2021-01-15
Low
CVE-2021-21250
Vendor:
Onedev project
Software:
Onedev
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a critical vulnerability which may lead to arbitrary file read. When BuildSpec is provided in XML format, the spec is processed by XmlBuildSpecMigrator.migrate(buildSpecString); which processes the XML document without preventing the expansion of external entities. These entities can be configured to read arbitrary files from the file system and dump their contents in the final XML document to be migrated. If the files are dumped in properties included in the YAML file, it will be possible for an attacker to read them. If not, it is possible for an attacker to exfiltrate the contents of these files Out Of Band. This issue was addressed in 4.0.3 by ignoring ENTITY instructions in xml file.
2019-08-21
Low
CVE-2019-12623
Updating...
A vulnerability in the web server functionality of Cisco Enterprise Network Functions Virtualization Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to perform file enumeration on an affected system. The vulnerability is due to the web server responding with different error codes for existing and non-existing files. An attacker could exploit this vulnerability by sending GET requests for different file names. A successful exploit could allow the attacker to enumerate files residing on the system.
Copyright
2024
, cxsecurity.com
Back to Top
