35 matches found
CRLF Injection
microweber/microweber is vulnerable to CRLF Injection. Lack of filtering CRLF characters in redirectUrl allows an attacker to cause stack trace exposure...
GHSA-3WWJ-WH2W-G4XP CRLF Injection in microweber
CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11...
CRLF Injection in microweber
CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11...
CVE-2022-0666
CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11...
CVE-2022-0666
CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11...
Crlf injection
CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11...
CVE-2022-0666 CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in microweber/microweber
CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11...
CVE-2022-0666
CVE-2022-0666 affects microweber/microweber prior to 1.2.11. The vulnerability is a CRLF Injection caused by lack of filtering in redirects (notably the redirect_to/redirectUrl path), leading to stack trace exposure. Nuclei and Veracode listings corroborate the issue and note potential impact suc...
CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/
Description The Introduction of a New Line Character lets the attacker the stack trace at demo.microweber.org/ This Attack becomes more significant because of its Less complication. The Stack trace discloses following information : 1. Backend Response code. 2. The Versions of Backend Laravel...
CVE-2019-4722
IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain sensitive information via a stack trace due to mishandling of certain error conditions. IBM X-Force ID: 172128...
CVE-2021-26067
Affected versions of Atlassian Bamboo allow an unauthenticated remote attacker to view a stack trace that may reveal the path for the home directory in disk and if certain files exists on the tmp directory, via a Sensitive Data Exposure vulnerability in the /chart endpoint. The affected versions...
IBM Cloud App Management Information Disclosure Vulnerability
IBM Cloud App Management is a set of infrastructure monitoring solutions based on microservices architecture from IBM, USA. The product is able to provide application-aware and infrastructure monitoring, analytics and more. An information disclosure vulnerability exists in IBM Cloud App Managemen...
PT-2019-17084 · Ibm · Ibm Websphere Application Server
Name of the Vulnerable Software and Affected Versions: IBM WebSphere Application Server versions 7.0 through 9.0 Description: A remote attacker could obtain sensitive information when a stack trace is returned in the browser. Recommendations: For IBM WebSphere Application Server versions 7.0...
CVE-2019-4377
IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1 reveals sensitive information from a stack trace that could be used in further attacks against the system. IBM X-Force ID: 162803...
CVE-2017-1099
IBM Jazz Foundation could expose potentially sensitive information to authenticated users through stack trace error conditions. IBM X-Force ID: 120659...