Lucene search
K

178 matches found

CVE
CVE
added 2026/05/29 2:46 p.m.14 views

CVE-2018-25398

Open ISES Project 3.30A is affected by an SQL injection in main.php via the frm_passwd parameter. Unauthenticated attackers can send crafted POST requests to extract database information (usernames, database names, version details). The issue is documented across CVE entries (CVE-2018-25398). No ...

8.8CVSS6.1AI score0.00334EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/02 5:4 a.m.1 views

CVE-2025-67807

The login mechanism of Sage DPW 202506004 displays distinct responses for valid and invalid usernames, allowing enumeration of existing accounts in versions before 202106000. On-premise administrators can toggle this behaviour in newer versions...

4.7CVSS5.8AI score0.00142EPSS
Exploits0References1
CVE
CVE
added 2026/02/12 10:48 p.m.12 views

CVE-2019-25337

CVE-2019-25337 affects OwnCloud 8.1.8. The issue is a username enumeration flaw exposing user accounts by manipulating the share.php endpoint: sending crafted GET requests to /index.php/core/ajax/share.php with a wildcard search parameter can reveal user information. Root cause appears to be impr...

9.8CVSS5.6AI score0.00406EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/02/12 10:48 p.m.33 views

CVE-2019-25337 OwnCloud 8.1.8 - Username Disclosure

OwnCloud 8.1.8 contains a username enumeration vulnerability that allows remote attackers to discover user accounts by manipulating the share.php endpoint. Attackers can send crafted GET requests to /index.php/core/ajax/share.php with a wildcard search parameter to retrieve comprehensive user...

9.8CVSS0.00406EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/02/12 10:48 p.m.1 views

CVE-2019-25337 OwnCloud 8.1.8 - Username Disclosure

OwnCloud 8.1.8 contains a username enumeration vulnerability that allows remote attackers to discover user accounts by manipulating the share.php endpoint. Attackers can send crafted GET requests to /index.php/core/ajax/share.php with a wildcard search parameter to retrieve comprehensive user...

9.8CVSS5.6AI score0.00406EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/02/10 9:25 a.m.5 views

CVE-2026-23901

Observable Timing Discrepancy vulnerability in Apache Shiro. This issue affects Apache Shiro: from 1., 2. before 2.0.7. Users are recommended to upgrade to version 2.0.7 or later, which fixes the issue. Prior to Shiro 2.0.7, code paths for non-existent vs. existing users are different enough, tha...

1CVSS5.6AI score0.00219EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/13 10:52 p.m.5 views

CVE-2026-22604

OpenProject is an open-source, web-based project management software. For OpenProject versions from 11.2.1 to before 16.6.2, when sending a POST request to the /account/changepassword endpoint with an arbitrary User ID as the passwordchangeuserid parameter, the resulting error page would show the...

6.9CVSS6.8AI score0.00254EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/10 1:7 a.m.3 views

CVE-2026-22604 OpenProject is vulnerable to user enumeration via the change password function

OpenProject is an open-source, web-based project management software. For OpenProject versions from 11.2.1 to before 16.6.2, when sending a POST request to the /account/changepassword endpoint with an arbitrary User ID as the passwordchangeuserid parameter, the resulting error page would show the...

6.9CVSS6.5AI score0.00254EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/09 11:24 a.m.7 views

CVE-2021-31549

An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. The Special:AbuseFilter/examine form allowed for the disclosure of suppressed MediaWiki usernames to unprivileged users...

4.3CVSS6.7AI score0.00803EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:35 a.m.7 views

CVE-2019-7272

Optergy Proton/Enterprise devices allow Username Disclosure...

5.3CVSS7AI score0.10469EPSS
Exploits5References1
RedhatCVE
RedhatCVE
added 2025/11/13 1:0 a.m.6 views

CVE-2025-52331

Cross-site scripting XSS vulnerability in the generate report functionality in Rarlab WinRAR 7.11, allows attackers to disclose user information such as the computer username, generated report directory, and IP address. The generate report command includes archived file names without validation i...

6.1CVSS5.9AI score0.00268EPSS
Exploits0References1
OSV
OSV
added 2025/11/12 5:15 p.m.4 views

CVE-2025-52331

Cross-site scripting XSS vulnerability in the generate report functionality in Rarlab WinRAR 7.11, allows attackers to disclose user information such as the computer username, generated report directory, and IP address. The generate report command includes archived file names without validation i...

6.1CVSS5.7AI score0.00268EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/11/12 12:0 a.m.6 views

CVE-2025-52331

Cross-site scripting XSS vulnerability in the generate report functionality in Rarlab WinRAR 7.11, allows attackers to disclose user information such as the computer username, generated report directory, and IP address. The generate report command includes archived file names without validation i...

0.00268EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/10/31 12:0 a.m.5 views

PT-2025-44628

Name of the Vulnerable Software and Affected Versions Analytify Pro versions prior to 7.0.4 Description The Analytify Pro plugin for WordPress is susceptible to a sensitive information disclosure. Unauthenticated attackers may be able to extract usernames from the source code through the Analytif...

5.3CVSS6.3AI score0.00249EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-15965

Malware in sbrugna...

6.6CVSS6.6AI score0.00575EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-10371

Malware in sbrugna...

4.3CVSS4.6AI score0.0084EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-25863

Malware in sbrugna...

5.3CVSS5.9AI score0.01704EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2011-3094

Malware in sbrugna...

5CVSS6.1AI score0.02209EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-13214

Malware in sbrugna...

5.3CVSS5.6AI score0.0153EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-18446

Malware in sbrugna...

4.3CVSS4.5AI score0.00803EPSS
Exploits0References4
Rows per page
Query Builder