Lucene search
K

35 matches found

Veracode
Veracode
added 2022/02/21 6:54 a.m.24 views

CRLF Injection

microweber/microweber is vulnerable to CRLF Injection. Lack of filtering CRLF characters in redirectUrl allows an attacker to cause stack trace exposure...

7.5CVSS4.8AI score0.44259EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/02/19 12:1 a.m.72 views

GHSA-3WWJ-WH2W-G4XP CRLF Injection in microweber

CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11...

7.6CVSS7.5AI score0.44259EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2022/02/19 12:1 a.m.39 views

CRLF Injection in microweber

CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11...

7.6CVSS1.7AI score0.44259EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2022/02/18 3:15 p.m.51 views

CVE-2022-0666

CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11...

7.6CVSS0.44259EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/02/18 3:15 p.m.6 views

CVE-2022-0666

CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11...

7.6CVSS7.1AI score0.44259EPSS
Exploits1References4
Prion
Prion
added 2022/02/18 3:15 p.m.25 views

Crlf injection

CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11...

5CVSS7.7AI score0.44259EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/02/18 2:55 p.m.49 views

CVE-2022-0666 CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in microweber/microweber

CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11...

7.6CVSS7.8AI score0.44259EPSS
Exploits1References2
CVE
CVE
added 2022/02/18 2:55 p.m.119 views

CVE-2022-0666

CVE-2022-0666 affects microweber/microweber prior to 1.2.11. The vulnerability is a CRLF Injection caused by lack of filtering in redirects (notably the redirect_to/redirectUrl path), leading to stack trace exposure. Nuclei and Veracode listings corroborate the issue and note potential impact suc...

7.6CVSS7.5AI score0.44259EPSS
Exploits1References2Affected Software1
Huntr
Huntr
added 2022/02/17 12:48 p.m.26 views

CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/

Description The Introduction of a New Line Character lets the attacker the stack trace at demo.microweber.org/ This Attack becomes more significant because of its Less complication. The Stack trace discloses following information : 1. Backend Response code. 2. The Versions of Backend Laravel...

5CVSS0.7AI score0.44259EPSS
Exploits1
OSV
OSV
added 2021/06/01 2:15 p.m.4 views

CVE-2019-4722

IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain sensitive information via a stack trace due to mishandling of certain error conditions. IBM X-Force ID: 172128...

4.3CVSS7.3AI score0.01386EPSS
Exploits0References3
OSV
OSV
added 2021/01/28 2:15 a.m.2 views

CVE-2021-26067

Affected versions of Atlassian Bamboo allow an unauthenticated remote attacker to view a stack trace that may reveal the path for the home directory in disk and if certain files exists on the tmp directory, via a Sensitive Data Exposure vulnerability in the /chart endpoint. The affected versions...

5.3CVSS6.1AI score0.0111EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/26 12:0 a.m.1 views

IBM Cloud App Management Information Disclosure Vulnerability

IBM Cloud App Management is a set of infrastructure monitoring solutions based on microservices architecture from IBM, USA. The product is able to provide application-aware and infrastructure monitoring, analytics and more. An information disclosure vulnerability exists in IBM Cloud App Managemen...

5.3CVSS6.2AI score0.01269EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/10/03 12:0 a.m.3 views

PT-2019-17084 · Ibm · Ibm Websphere Application Server

Name of the Vulnerable Software and Affected Versions: IBM WebSphere Application Server versions 7.0 through 9.0 Description: A remote attacker could obtain sensitive information when a stack trace is returned in the browser. Recommendations: For IBM WebSphere Application Server versions 7.0...

5.3CVSS5.3AI score0.01596EPSS
Exploits0References4
OSV
OSV
added 2019/06/25 4:15 p.m.2 views

CVE-2019-4377

IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1 reveals sensitive information from a stack trace that could be used in further attacks against the system. IBM X-Force ID: 162803...

4.3CVSS5.8AI score0.0134EPSS
Exploits0References3
OSV
OSV
added 2017/06/13 7:29 p.m.3 views

CVE-2017-1099

IBM Jazz Foundation could expose potentially sensitive information to authenticated users through stack trace error conditions. IBM X-Force ID: 120659...

4.3CVSS5.8AI score
Exploits0References2
Rows per page
Query Builder