
13 matches found

CNVD
added 2025/12/25 12:0 a.m., 2 views

Kentico Xperience Information Disclosure Vulnerability

Kentico Xperience is a digital experience platform from Kentico. Kentico Xperience suffers from an information disclosure vulnerability that originates in the Live Site Part Properties dialog box that could disclose sensitive system objects and can be exploited by an attacker to cause unauthorize...

5.3 CVSS, 5.9 AI score, 0.0004 EPSS
Exploits: 0, References: 1

EUVD
added 2025/12/18 9:31 p.m., 3 views

EUVD-2025-204347

An information disclosure vulnerability in Kentico Xperience allows authenticated users to view sensitive system objects through the live site widget properties dialog. Attackers can exploit this vulnerability to access unauthorized system information without proper access controls...

5.3 CVSS, 5.5 AI score, 0.0004 EPSS
Exploits: 0, References: 3

OSV
added 2025/12/18 8:15 p.m., 2 views

CVE-2019-25230

An information disclosure vulnerability in Kentico Xperience allows authenticated users to view sensitive system objects through the live site widget properties dialog. Attackers can exploit this vulnerability to access unauthorized system information without proper access controls...

4.3 CVSS, 5.6 AI score, 0.0004 EPSS
Exploits: 0, References: 2

Cvelist
added 2025/12/18 7:53 p.m., 21 views

CVE-2019-25230 Kentico Xperience <= 12.0.0 User Widget Information Disclosure

An information disclosure vulnerability in Kentico Xperience allows authenticated users to view sensitive system objects through the live site widget properties dialog. Attackers can exploit this vulnerability to access unauthorized system information without proper access controls...

5.3 CVSS, 0.0004 EPSS
Exploits: 0, References: 2

CVE
added 2025/12/18 7:53 p.m., 6 views

CVE-2019-25230

Summary: CVE-2019-25230 affects Kentico Xperience with an information disclosure in the Live Site Widget Properties dialog. The vulnerability allows authenticated users to view sensitive system objects, exposing information beyond their access level. According to the connected records, the issue ...

5.3 CVSS, 5.6 AI score, 0.0004 EPSS
Exploits: 0, References: 2, Affected Software: 1

Positive Technologies
added 2025/12/18 12:0 a.m., 2 views

PT-2025-52296

An information disclosure vulnerability in Kentico Xperience allows authenticated users to view sensitive system objects through the live site widget properties dialog. Attackers can exploit this vulnerability to access unauthorized system information without proper access controls...

5.3 CVSS, 6 AI score, 0.0004 EPSS
Exploits: 0, References: 3

RedhatCVE
added 2025/09/17 4:52 p.m., 7 views

CVE-2025-43792

Remote staging in Liferay Portal 7.4.0 through 7.4.3.105, and older unsupported versions, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not properly obtain the remote address of the live site from th...

2.3 CVSS, 6.7 AI score, 0.00066 EPSS
Exploits: 0, References: 1

CVE
added 2025/09/15 4:19 p.m., 18 views

CVE-2025-43792

CVE-2025-43792 affects Liferay Portal 7.4.0–7.4.3.105 and older unsupported versions, and Liferay DXP 2023.Q4.0/2023.Q3.x, where the live-site remote address is not reliably obtained from the database. This allows remote authenticated users to exfiltrate data to an attacker-controlled server via ...

5.3 CVSS, 6.3 AI score, 0.00066 EPSS
Exploits: 0, References: 1, Affected Software: 2

CNNVD
added 2025/09/15 12:0 a.m., 1 views

Liferay Portal and Liferay DXP Security Vulnerability

Liferay Portal and Liferay DXP are both products of Liferay, Inc. Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

5.3 CVSS, 6.4 AI score, 0.00066 EPSS
Exploits: 0, References: 1

wpexploit
added 2023/06/02 12:0 a.m., 162 views

Multiple plugins by vcita - Contributor+ Stored Cross-Site Scripting

The plugin does not sanitize the email field in the plugin settings, which could allow users with roles as low as contributor to inject arbitrary web scripts in the plugin settings page, which could target high privilege users such as administrators...

6.4 CVSS, 6.8 AI score, 0.00407 EPSS
Exploits: 2, References: 3

Packet Storm
added 2009/08/27 12:0 a.m., 37 views

Joomla Digifolio 1.52 SQL Injection

Joomla Component comdigifolio 1.52 id SQL Injection Vulnerability --== Author ==-- + Author : v3n0m + Contact : v3n0m666atlivedotcom + Blog : http://0wnage.wordpress.com/ + Group : YOGYACARDERLINK + Site : http://yogyacarderlink.web.id/ + Date : August, 27th 2009 INDONESIA --== soft Info ==-- +...

0.5 AI score
Exploits: 0

Exploit DB
added 2007/09/16 12:0 a.m., 79 views

Joomla! Component joom12pic 1.0 - Remote File Inclusion

Joom!12Pic Component RFI Bug in : /administrator/components/comjoom12pic/admin.joom12pic.php?mosConfiglivesite= Variable : $mosConfiglivesite Dork: "comjoom12pic" Example: http://xxx.net/administrator/components/comjoom12pic/admin.joom12pic.php?mosConfiglivesite=attacker Greets to all...

7.4 AI score
Exploits: 0

0day.today
added 2007/09/15 12:0 a.m., 25 views

Joomla Component Flash Fun! 1.0 Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications =================================================================== Joomla Component Flash Fun! 1.0 Remote File Inclusion Vulnerability =================================================================== Joomla Flash Fun! Component RFI Bug...

7.1 AI score
Exploits: 0