CVE-2024-53804

Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster allows Retrieve Embedded Sensitive Data.This issue affects WP Mailster: from n/a through 1.8.16.0...

CVE-2024-53768 WordPress Content Audit Exporter plugin <= 1.1 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ideinteractive Content Audit Exporter content-audit-exporter allows Retrieve Embedded Sensitive Data.This issue affects Content Audit Exporter: from n/a through = 1.1...

CVE-2024-50528

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Stacks Stacks Mobile App Builder allows Retrieve Embedded Sensitive Data.This issue affects Stacks Mobile App Builder: from n/a through 5.2.3...

CVE-2024-50512

Generation of Error Message Containing Sensitive Information vulnerability in Posti Posti Shipping posti-shipping allows Retrieve Embedded Sensitive Data.This issue affects Posti Shipping: from n/a through = 3.10.2...

CVE-2024-50512

CVE-2024-50512 affects the WordPress plugin Posti Shipping (versions

PT-2024-34288 · Posti · Posti Shipping

Name of the Vulnerable Software and Affected Versions: Posti Shipping versions 3.10.2 and earlier Description: The issue allows the retrieval of embedded sensitive data due to the generation of error messages containing sensitive information. Recommendations: For Posti Shipping versions 3.10.2 an...

PT-2024-33372 · Videowhisper.Com · Videowhisper.Com Contact Forms +3

Name of the Vulnerable Software and Affected Versions: VideoWhisper.Com Contact Forms, Live Support, CRM, Video Messages versions 1.10.2 and earlier Description: The issue allows the retrieval of embedded sensitive data due to the insertion of sensitive information into sent data. This affects...

Yordam Library Automation System 安全漏洞

Yordam Library Automation System is an application from Yordam, Inc. A security vulnerability exists in Yordam Library Automation System prior to version 5.0, which stems from an unauthorized exposure of sensitive information vulnerability that allows retrieval of embedded sensitive data...

CVE-2024-3305

Authorization Bypass Through User-Controlled Key, Missing Authorization vulnerability in Utarit Information SoliClub allows Retrieve Embedded Sensitive Data. This issue affects SoliClub: before 4.4.0 for iOS, before 5.2.1 for Android...

CVE-2024-3305

Authorization Bypass Through User-Controlled Key, Missing Authorization vulnerability in Utarit Information SoliClub allows Retrieve Embedded Sensitive Data. This issue affects SoliClub: before 4.4.0 for iOS, before 5.2.1 for Android...

CVE-2024-1744

Authorization Bypass Through User-Controlled Key, Missing Authorization vulnerability in Ariva Computer Accord ORS allows Retrieve Embedded Sensitive Data.This issue affects Accord ORS: before 7.3.2.1...

CVE-2024-1744

Authorization Bypass Through User-Controlled Key, Missing Authorization vulnerability in Ariva Computer Accord ORS allows Retrieve Embedded Sensitive Data. This issue affects Accord ORS: before 7.3.2.1...

Accord ORS 信息泄露漏洞

Accord ORS is Accord's software that provides transit seat reservations, business management, and decision support for intercity passenger transportation companies. An information disclosure vulnerability exists in Accord ORS versions prior to 7.3.2.1 that originates from exposing sensitive...

CVE-2024-6921

Cleartext Storage of Sensitive Information vulnerability in NAC Telecommunication Systems Inc. NACPremium allows Retrieve Embedded Sensitive Data.This issue affects NACPremium: through 01082024...

CVE-2022-26327

OpenText Performance Center (Windows) 12.63 is affected by CVE-2022-26327, described as Exposure of Sensitive Information to an Unauthorized Actor, enabling retrieval of embedded sensitive data. Connected sources (PT Security PT-2024-11542) confirm the vulnerable version (12.63) and recommend upd...

CVE-2024-27090 Decidim vulnerable to data disclosure through the embed feature

Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. If an attacker can infer the slug or URL of an unpublished or private resource, and this resource can be embbeded such as a...

CVE-2024-24749 Classpath resource disclosure in GWC Web Resource API on Windows / Tomcat

GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.23.5 and 2.24.3, if GeoServer is deployed in the Windows operating system using an Apache Tomcat web application server, it is possible to bypass existing input validation in the GeoWebCach...

CVE-2024-1662

Missing Authentication for Critical Function, Missing Authorization vulnerability in PORTY Smart Tech Technology Joint Stock Company PowerBank Application allows Retrieve Embedded Sensitive Data.This issue affects PowerBank Application: before 2.02...

CVE-2024-1272 Information Disclosure to Source Code in TNB Mobile Solutions' Cockpit Software

Inclusion of Sensitive Information in Source Code vulnerability in TNB Mobile Solutions Cockpit Software allows Retrieve Embedded Sensitive Data. This issue affects Cockpit Software: before v0.251.1...

CVE-2023-4539

Use of a hard-coded password for a special database account created during Comarch ERP XL installation allows an attacker to retrieve embedded sensitive data stored in the database. The password is same among all Comarch ERP XL installations. This issue affects ERP XL: from 2020.2.2 through 2023....