Lucene search
K

31 matches found

GithubExploit
GithubExploit
added 2026/03/14 3:8 p.m.130 views

joomla-exploits

joomla-exploits Exploit Title: Joomla! 4.2.8 - Unauthen...

5.8AI score
Exploits0
Cvelist
Cvelist
added 2025/11/11 4:19 p.m.10 views

CVE-2025-33185

NVIDIA AIStore contains a vulnerability in AuthN where an unauthenticated user may cause information disclosure. A successful exploit of this vulnerability may lead to information disclosure...

5.3CVSS0.00836EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/11/11 4:19 p.m.3 views

CVE-2025-33185

NVIDIA AIStore contains a vulnerability in AuthN where an unauthenticated user may cause information disclosure. A successful exploit of this vulnerability may lead to information disclosure...

5.3CVSS6.3AI score0.00836EPSS
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/11/04 7:37 a.m.7 views

Multiple vulnerabilities in Century Systems FutureNet MA and IP-K series

Overview FutureNet MA and IP-K series provided by Century Systems Co., Ltd. contain multiple vulnerabilities listed below. OS command Injection CWE-78 - CVE-2025-54763 Files or directories acessible to external parties CWE-552 - CVE-2025-58152 Chuya Hayakawa of 00One, Inc. reported these...

8.6CVSS7.4AI score0.0128EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/08/12 4:59 p.m.7 views

CVE-2025-24921

Improper neutralization for some Edge Orchestrator software before version 24.11.1 for IntelR TiberTM Edge Platform may allow an unauthenticated user to potentially enable information disclosure via adjacent access...

6.9CVSS0.00203EPSS
Exploits0References1
CVE
CVE
added 2025/06/02 7:24 p.m.107 views

CVE-2025-48996

CVE-2025-48996 describes an unauthenticated information disclosure in HAX open-apis used by PSU deployment of HAX CMS via the haxPsuUsage API endpoint. The vulnerability allows remote, unauthenticated users to enumerate a full list of PSU websites hosted on HAX CMS. The issue is associated with o...

5.3CVSS6.8AI score0.00313EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/02 7:24 p.m.63 views

CVE-2025-48996 Unauthenticated Disclosure of PSU HAX CMS Site Listings via haxPsuUsage API Endpoint

HAX open-apis provides microservice apis for HAX webcomponents repo that are shared infrastructure calls. An unauthenticated information disclosure vulnerability exists in the Penn State University deployment of the HAX content management system via the haxPsuUsage API endpoint, related to a flat...

5.3CVSS0.00313EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 4:55 a.m.6 views

CVE-2019-20213

D-Link DIR-859 routers before v1.07b03beta allow Unauthenticated Information Disclosure via the AUTHORIZEDGROUP=1%0a value, as demonstrated by vpnconfig.php...

7.5CVSS6.8AI score0.01948EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/04/08 5:22 a.m.4 views

WordPress NextGEN Gallery plugin <= 3.59 - Missing Authorization to Unauthenticated Information Disclosure vulnerability

Missing Authorization to Unauthenticated Information Disclosure vulnerability discovered by Peng Zhou in WordPress Plugin NextGEN Gallery versions = 3.59...

5.3CVSS6.6AI score0.38023EPSS
Exploits0References1Affected Software1
GithubExploit
GithubExploit
added 2023/10/20 1:32 p.m.380 views

Exploit for Improper Access Control in Joomla Joomla\!

Joomla Unauthenticated Information Disclosure Exploit CVE-202...

5.3CVSS5.8AI score0.99827EPSS
Exploits43
OSV
OSV
added 2023/08/03 10:15 p.m.5 views

CVE-2023-30950

The foundry campaigns service was found to be vulnerable to an unauthenticated information disclosure in a rest endpoint...

5.9CVSS5.7AI score0.00344EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.229 views

Screen SFT DAB 600/C - Unauthenticated Information Disclosure (userManager.cgx)

Exploit Title: Screen SFT DAB 600/C - Unauthenticated Information Disclosure userManager.cgx Exploit Author: LiquidWorm Vendor: DB Elettronica Telecomunicazioni SpA Product web page: https://www.screen.it | https://www.dbbroadcast.com...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/03/28 12:0 a.m.323 views

Joomla! 4.2.7 Unauthenticated Information Disclosure Exploit

!/usr/bin/env ruby Exploit Title: Joomla! = 4.2.8 References: - https://nsfocusglobal.com/joomla-unauthorized-access-vulnerability-cve-2023-23752-notice/ - https://developer.joomla.org/security-centre/894-20230201-core-improper-access-check-in-webservice-endpoints.html -...

5.3CVSS6.2AI score0.99827EPSS
Exploits43
SUSE CVE
SUSE CVE
added 2023/02/15 4:19 a.m.3 views

SUSE CVE-2019-0166

Insufficient input validation in the subsystem for IntelR AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable information disclosure via network access...

7.5CVSS7.6AI score0.01385EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/04/12 11:15 a.m.25 views

CVE-2022-0140 Visual Form Builder < 3.0.6 - Unauthenticated Information Disclosure

The Visual Form Builder WordPress plugin before 3.0.6 does not perform access control on entry form export, allowing unauthenticated users to see the form entries or export it as a CSV File using the vfb-export endpoint...

5.6AI score0.0384EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2022/02/17 12:0 a.m.249 views

Backdoor.Win32.Zombam.b Information Disclosure

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/1e3665a67201209609ae493a2a590beeB.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Zombam.b Vulnerability: Unauthenticated Information Disclosure Description: z0mbie's...

7.4AI score
Exploits0
Patchstack
Patchstack
added 2021/01/28 12:0 a.m.14 views

WordPress uListing plugin <= 1.6.6 - Unauthenticated Information Disclosure vulnerability

Unauthenticated Information Disclosure vulnerability found by Jerome Bruandet in WordPress uListing plugin versions = 1.6.6. Solution Update the WordPress uListing plugin to the latest available version at least 1.7...

2.7AI score
Exploits0References2Affected Software1
OSV
OSV
added 2020/09/22 2:15 p.m.4 views

CVE-2020-23446

Verint Workforce Optimization suite 15.1 15.1.0.37634 has Unauthenticated Information Disclosure via API...

5.3CVSS6.1AI score0.01227EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2020/09/22 12:0 a.m.6 views

PT-2020-15559

Name of the Vulnerable Software and Affected Versions Verint Workforce Optimization suite version 15.1 15.1.0.37634 Description The issue concerns an Unauthenticated Information Disclosure via an API. Recommendations For version 15.1 15.1.0.37634, at the moment, there is no information about a...

5.3CVSS6.2AI score0.01227EPSS
Exploits1References7
0day.today
0day.today
added 2020/03/03 12:0 a.m.141 views

GUnet OpenEclass 1.7.3 E-learning platform - (month) SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: GUnet OpenEclass 1.7.3 E-learning platform - 'month' SQL Injection Google Dork: intext:"© GUnet 2003-2007" Exploit Author: emaragkos Vendor Homepage: https://www.openeclass.org/ Software Link:...

0.1AI score
Exploits0
Rows per page
Query Builder