CWE:
 

Tytuł
Data
Autor
High
Plantronics Hub 3.25.1 Arbitrary File Read
16.05.2024
Alaa Kachouh
High
Adobe ColdFusion 2018,15 / 2021,5 Arbitrary File Read
11.03.2024
Youssef Muhammad
Med.
Jenkins 2.441 / LTS 2.426.3 Arbitrary File Read
29.01.2024
binganao
Med.
Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Read
19.08.2023
Hank Leininger
Med.
OX App Suite SSRF / SQL Injection / Cross Site Scripting
03.08.2023
Mehmet Ince
High
Bludit < 3.13.1 Backup Plugin Arbitrary File Download (Authenticated)
11.07.2023
Antonio Cuomo (arkanto...
Med.
OX App Suite XSS / Information Disclosure / Authorization Bypass
09.05.2023
Martin Heiland
Med.
SecurePoint UTM 12.x Session ID Leak
18.04.2023
Julien Ahrens
Low
MiniDVBLinux 5.4 Arbitrary File Read
18.10.2022
LiquidWorm
High
Active eCommerce CMS 6.3.0 Arbitrary File Download
28.09.2022
th3d1gger
High
WordPress BackupBuddy 8.7.4.1 Arbitrary File Read
07.09.2022
Anonymouse
Low
SAP FRUN Simple Diagnostics Agent 1.0 Information Disclosure
22.06.2022
Yvan Genuer
Med.
Reolink E1 Zoom Camera 3.0.0.716 Private Key Disclosure
06.06.2022
Julien Ahrens
High
WordPress Amministrazione Aperta 3.7.3 Arbitrary File Read
24.03.2022
Hassan Khan Yusufzai
High
TermTalk Server 3.24.0.2 Arbitrary File Read
05.01.2022
Fabiano Golluscio
High
Oliver Library Server v5 Arbitrary File Download
19.12.2021
Mandeep Singh, Ishaan ...
Med.
Grafana 8.3.0 Directory Traversal / Arbitrary File Read
09.12.2021
s1gh
High
TestLink 1.19 Arbitrary File Download
09.12.2021
Gonzalo Villegas
Med.
WordPress DZS Zoomsounds 6.45 Arbitrary File Read
05.12.2021
Uriel Yochpaz
High
WordPress Plugin DZS Zoomsounds 6.45 Arbitrary File Read (Unauthenticated)
03.12.2021
Uriel Yochpaz
High
Wipro Holmes Orchestrator 20.4.1 Arbitrary File Download
16.11.2021
Rizal Muhammed
Med.
SAP Enterprise Portal Sensitive Data Disclosure
23.10.2021
Yvan Genuer
High
WordPress Duplicator 1.3.26 Arbitrary File Read
18.10.2021
nam3lum
High
Atlassian Confluence Server 7.5.1 Arbitrary File Read
06.10.2021
Mayank Deshmukh
Med.
WordPress BulletProof Security 5.1 Information Disclosure
06.10.2021
Ron Jost
Med.
Longjing Technology BEMS API 1.21 Remote Arbitrary File Download
30.07.2021
LiquidWorm
High
ES File Explorer 4.1.9.7.4 Arbitrary File Read
29.06.2021
Nehal Zaman
Med.
SAP Hybris eCommerce Information Disclosure
15.06.2021
Gaston Traberg
High
Hasura GraphQL 1.3.3 Arbitrary File Read
22.04.2021
Dolev Farhi
High
Novel Boutique House-plus 3.5.1 Arbitrary File Download
29.03.2021
tuyiqiang
Med.
Apache Flink 1.11.0 Unauthenticated Arbitrary File Read (Metasploit)
14.01.2021
Suncsr
Med.
Apache Flink 1.11.0 Arbitrary File Read / Directory Traversal
08.01.2021
SunCSR
Med.
WordPress Plugin W3 Total Cache Unauthenticated Arbitrary File Read (Metasploit)
06.01.2021
SunCSR
Med.
URVE Software Build 24.03.2020 Information Disclosure
30.12.2020
Erik Steltzner
Med.
Wordpress Plugin Duplicator 1.3.26 Unauthenticated Arbitrary File Read (Metasploit)
18.12.2020
Nguyen
High
Gitlab 12.9.0 Arbitrary File Read (Authenticated)
19.11.2020
Jasper Rasenberg
Low
Amazon Web Services - Database Disclosure (Sensitive Information)
13.09.2020
Gh05t666nero
Med.
HelloWeb 2.0 Arbitrary File Download
11.07.2020
bRpsd
High
jizhi CMS 1.6.7 Arbitrary File Download
21.04.2020
iej1ctk1g
High
Webtateas 2.0 Arbitrary File Read
15.04.2020
CBIITMC
Low
UniSharp Laravel File Manager 2.0.0 Arbitrary File Read
04.03.2020
NgoAnhDuc
Low
Antiprizuv Form-Data Log Emails Information Disclosure
26.12.2019
L4663r666h05t
High
IntelBras TELEFONE IP TIP200/200 LITE 60.61.75.15 Arbitrary File Read
03.09.2019
Todor Donev
Med.
Joomla JS Support Ticket 1.1.5 Arbitrary File Download
09.08.2019
qw3rTyTy
Med.
DuckSell 3.0.0 Database Disclosure
10.06.2019
KingSkrupellos
Med.
SmartLIB Library Software Database Disclosure
03.06.2019
KingSkrupellos
Med.
OpenEvSys Software 2.2 Database Disclosure
02.06.2019
KingSkrupellos
Med.
Open-EMR HealthCare Software 5.0.1 Database Disclosure
02.06.2019
KingSkrupellos
Med.
GinoCMS Software 2.x Database Disclosure
02.06.2019
KingSkrupellos
Med.
OCSInventory-NG Software CMS 2.6 RC Database Disclosure
02.06.2019
KingSkrupellos
Med.
AgniCMS 1.6 Database Disclosure
02.06.2019
KingSkrupellos
Low
Sierra Wireless AirLink ES450 ACEManager Embedded_Ace_Get_Task.cgi Information Disclosure
28.04.2019
Cisco Talos
Low
Sierra Wireless AirLink ES450 ACEManager Information Disclosure
28.04.2019
Cisco Talos
Med.
RingsDB Software 1.0.0 Database Disclosure
20.04.2019
KingSkrupellos
Med.
NIT-Warangal Dispensary Management System India 1.0 Database Disclosure
17.04.2019
KingSkrupellos
Med.
CyberShadeCMS v1 Database Disclosure
14.04.2019
KingSkrupellos
Med.
PragyanCMS 3.0 Beta Database Disclosure
14.04.2019
KingSkrupellos
Med.
TarichiCMS Web Publishing System v2 Database Disclosure
14.04.2019
KingSkrupellos
Med.
Opus Online Placement University System 4.2.0 Database Disclosure
12.04.2019
KingSkrupellos
Med.
OrangeScrum Project Management Software 1.6.1 Database Disclosure
12.04.2019
KingSkrupellos
Med.
Gibbonedu The Flexible School Platform 17.0.00 Database Disclosure
12.04.2019
KingSkrupellos
Med.
JobSkee Open Source JobBoard 1.1.3 Database Disclosure
12.04.2019
KingSkrupellos
Med.
MajorDoMo Domestic Module Database Disclosure
10.04.2019
KingSkrupellos
High
Themosis Framework BookStore 1.3.0 Database Disclosure
10.04.2019
KingSkrupellos
High
NekoCMS 2.5 Database Disclosure
10.04.2019
KingSkrupellos
High
YiiCMS JetBrains PHPStorm 6.0.3 Database Disclosure
10.04.2019
KingSkrupellos
Med.
Norbye CMS Database Disclosure
10.04.2019
KingSkrupellos
Med.
Nova CMS Software 3.77.3 Database Disclosure
08.04.2019
KingSkrupellos
Med.
NeoFragCMS Alpha 0.2.1 Database Disclosure
05.04.2019
KingSkrupellos
High
TheDayLightStudio GetFuelCMS 0.9.3 Database Disclosure
05.04.2019
KingSkrupellos
High
YonaCMS Software 1.3.2 Database Disclosure
05.04.2019
KingSkrupellos
Med.
Senayan Slims Meranti 5 Database Disclosure
04.04.2019
KingSkrupellos
Med.
ClipBucket 2.6 Database Disclosure
04.04.2019
KingSkrupellos
Med.
Luya CMS 1.0.0 Database Disclosure
04.04.2019
KingSkrupellos
Med.
OpenMonero MyMonero 1.1.9 Database Disclosure
04.04.2019
KingSkrupellos
Med.
RainCMS Alpha 1.0 Database Disclosure
04.04.2019
KingSkrupellos
Med.
Complaint Management System CMS 4.0.4.1 Database Disclosure
04.04.2019
KingSkrupellos
Med.
Mash Project Integrated 4.2.7.1 Database Disclosure Exploit
02.04.2019
KingSkrupellos
Med.
DataWrapper ProtoType 0.8 Database Disclosure Exploit
02.04.2019
KingSkrupellos
Med.
Ektron CMS 9 Database Disclosure Exploit
02.04.2019
KingSkrupellos
Med.
Shinobi Security Software 1.0 Database Disclosure Exploit
02.04.2019
KingSkrupellos
High
WordPress Ultimate Form Builder Plugins 1.0 Database Disclosure
28.03.2019
KingSkrupellos
Med.
WordPress 2.0.2 WP-Forum Plugins 1.7.8 Database Disclosure
27.03.2019
KingSkrupellos
Med.
Independent University of Bangladesh IUB Database Disclosure
22.03.2019
KingSkrupellos
Med.
F3-CMS FatFreeFramework 0.0.1 Database Disclosure
15.02.2019
KingSkrupellos
High
WordPress Ad Manager WD 1.0.11 Arbitrary File Download
29.01.2019
41!kh4224rDz
Med.
Papoo CMS PKalender Plugins 3.5 Database Disclosure
28.01.2019
KingSkrupellos
Med.
Joomla RSFirewall Components 2.11.25 Database and Password Disclosure
25.01.2019
KingSkrupellos
Med.
Joomla JVFramework Components 1.6.4.0 Database Disclosure
21.01.2019
KingSkrupellos
Med.
Joomla Akeeba Backup Components 6.3.3 Database Disclosure
19.01.2019
KingSkrupellos
Med.
Joomla FPSS Art Frontpage Slideshow Components 1.6.0 Database Disclosure / Open Redirection / SQL Injection
19.01.2019
KingSkrupellos
Low
Mozilla Firefox 64 Information Disclosure
18.01.2019
Dr. Vladimir Bostanov
Med.
Joomla ZHYandexMap Components 8.0.0.2 Database Disclosure
18.01.2019
KingSkrupellos
Med.
eBrigade ERP 4.5 Arbitrary File Download
11.01.2019
Ozkan Mustafa Akkus
Med.
Typo3 CMS twwc_pages Extension 8.7.x Database Disclosure
04.01.2019
KingSkrupellos
Med.
Typo3 CMS Site Crawler Extension 6.1.2 Database Disclosure
04.01.2019
KingSkrupellos
Med.
Typo3 CMS YAG Themepack jQuery Extension 1.3.2 Database Disclosure
04.01.2019
KingSkrupellos
Med.
Typo3 CMS Static Info Tables Extension 6.7.3 Database Disclosure
04.01.2019
KingSkrupellos
Med.
Typo3 CMS pw_highslide_gallery Extension 0.3.1 Database Disclosure
04.01.2019
KingSkrupellos
Med.
PrestaShop PM_ModalCart Modules 1.6.1.4 Database Disclosure
01.01.2019
KingSkrupellos


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2024-05-23
Waiting for details
CVE-2024-5230

Updating...
 

 
A vulnerability has been found in EnvaySoft FleetCart up to 4.1.1 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument razorpayKeyId leads to information disclosure. The attack can be launched remotely. It is recommended to upgrade the affected component. The identifier VDB-265981 was assigned to this vulnerability.

 
2024-05-21
Waiting for details
CVE-2024-21902

Updating...
 

 
An incorrect permission assignment for critical resource vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network. We have already fixed the vulnerability in the following version: QTS 5.1.7.2770 build 20240520 and later QuTS hero h5.1.7.2770 build 20240520 and later

 
2024-05-20
Waiting for details
CVE-2024-1968

Updating...
 

 
In scrapy/scrapy, an issue was identified where the Authorization header is not removed during redirects that only change the scheme (e.g., HTTPS to HTTP) but remain within the same domain. This behavior contravenes the Fetch standard, which mandates the removal of Authorization headers in cross-origin requests when the scheme, host, or port changes. Consequently, when a redirect downgrades from HTTPS to HTTP, the Authorization header may be inadvertently exposed in plaintext, leading to potential sensitive information disclosure to unauthorized actors. The flaw is located in the _build_redirect_request function of the redirect middleware.

 
2024-05-19
Waiting for details
CVE-2024-5096

Updating...
 

 
A vulnerability classified as problematic was found in Hipcam Device up to 20240511. This vulnerability affects unknown code of the file /log/wifi.mac of the component MAC Address Handler. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-265078 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

 
2024-05-17
Waiting for details
CVE-2024-32131

Updating...
 

 
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in W3 Eden Inc. Download Manager allows Functionality Bypass.This issue affects Download Manager: from n/a through 3.2.82.

 
2024-05-14
Waiting for details
CVE-2024-27947

Updating...
 

 
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems could allow log messages to be forwarded to a specific client under certain circumstances. An attacker could leverage this vulnerability to forward log messages to a specific compromised client.

 
Waiting for details
CVE-2024-35171

Updating...
 

 
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Academy LMS academy.This issue affects Academy LMS: from n/a through 1.9.25.

 
Waiting for details
CVE-2024-35166

Updating...
 

 
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ninja Team Filebird.This issue affects Filebird: from n/a through 5.6.3.

 
Waiting for details
CVE-2024-35165

Updating...
 

 
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gutenify.This issue affects Gutenify: from n/a through 1.4.0.

 
Waiting for details
CVE-2024-34812

Updating...
 

 
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in RadiusTheme ShopBuilder �?? Elementor WooCommerce Builder Addons.This issue affects ShopBuilder �?? Elementor WooCommerce Builder Addons: from n/a through 2.1.8.

 

 


Copyright 2024, cxsecurity.com

 

Back to Top