3856 matches found
CVE-2025-52022
A vulnerability in the PHP backend of gemsloyalty.aptsys.com.sg thru 2025-05-28 allows unauthenticated remote attackers to trigger detailed error messages that disclose internal file paths, code snippets, and stack traces. This occurs when specially crafted HTTP GET/POST requests are sent to publ...
CVE-2025-52022
A vulnerability in the PHP backend of gemsloyalty.aptsys.com.sg thru 2025-05-28 allows unauthenticated remote attackers to trigger detailed error messages that disclose internal file paths, code snippets, and stack traces. This occurs when specially crafted HTTP GET/POST requests are sent to publ...
PT-2026-3934
Neo4j Enterprise edition versions prior to 2025.11.2 and 5.26.17 are vulnerable to a potential information disclosure by an attacker who has some legitimate access to the database. The vulnerability allows attacker without read access to a property to infer information about its value by trying t...
CVE-2026-20838
Generation of error message containing sensitive information in Windows Kernel allows an authorized attacker to disclose information locally...
CVE-2026-20838
Generation of error message containing sensitive information in Windows Kernel allows an authorized attacker to disclose information locally...
CVE-2005-1650
The web mail service in Woppoware PostMaster 4.2.2 build 3.2.5 generates different error messages depending on whether a user exists or not, which allows remote attackers to determine valid usernames...
CVE-2023-25956
Generation of Error Message Containing Sensitive Information vulnerability in the Apache Airflow AWS Provider. This issue affects Apache Airflow AWS Provider versions before 7.2.1...
CVE-2018-19194
An issue was discovered in XiaoCms 20141229. /admin/index.php?c=database allows full path disclosure in a "failed to open stream" error message...
CVE-2003-1242
Sage 1.0 b3 allows remote attackers to obtain the root web server path via a URL request for a non-existent module, which returns the path in an error message...
CVE-2019-11537
In osTicket before 1.12, XSS exists via /upload/file.php, /upload/scp/users.php?do=import-users, and /upload/scp/ajax.php/users/import if an agent manager user uploads a crafted .csv file to the User Importer, because file contents can appear in an error message. The XSS can lead to local file...
CVE-2021-33845
The Splunk Enterprise REST API allows enumeration of usernames via the lockout error message. The potential vulnerability impacts Splunk Enterprise instances before 8.1.7 when configured to repress verbose login errors...
CVE-2022-31189
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. When an "Internal System Error" occurs in the JSPUI, then entire exception including stack trace is available. Information in this stacktrace may ...
CVE-2022-0079
showdoc is vulnerable to Generation of Error Message Containing Sensitive Information...
CVE-2022-26070
When handling a mismatched pre-authentication cookie, the application leaks the internal error message in the response, which contains the Splunk Enterprise local system path. The vulnerability impacts Splunk Enterprise versions before 8.1.0...
CVE-2024-39737
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 296004...
CVE-2024-39751
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 297429...
CVE-2022-0083
livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information...
CVE-2022-0660
Generation of Error Message Containing Sensitive Information in Packagist microweber/microweber prior to 1.2.11...
CVE-2019-7941
Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Information Exposure Through an Error Message vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user...
CVE-2019-12446
An issue was discovered in GitLab Community and Enterprise Edition 8.3 through 11.11. It allows Information Exposure through an Error Message...