12 matches found
CVE-2023-43784
Plesk Onyx 17.8.11 has accessKeyId and secretAccessKey fields that are related to an Amazon AWS Firehose component. NOTE: the vendor's position is that there is no security threat...
PT-2023-28982 · Plesk +1 · Plesk Onyx +1
Name of the Vulnerable Software and Affected Versions: Plesk Onyx version 17.8.11 Description: The issue is related to the presence of accessKeyId and secretAccessKey fields in the Amazon AWS Firehose component. However, the vendor's position is that there is no security threat. Recommendations:...
Code injection
Redpanda before 22.3.12 discloses cleartext AWS credentials. The import functionality in the rpk binary logs an AWS Access Key ID and Secret in cleartext to standard output, allowing a local user to view the key in the console, or in Kubernetes logs if stdout output is collected. The fixed versio...
Yuanzi Parenting AliCloud OSS credentials have information leakage vulnerability
Yuanzi Parenting APP is a parenting mobile application for parents of 1 to 6 year old babies, which can be an interactive sharing platform for the exchange of parenting knowledge and experience. Aliyun Object Storage Service OSS is a massive, secure and highly reliable cloud storage service...
Arigatou PICOOC AliCloud OSS credentials have information leakage vulnerability
Arigatou PICOOC APP is the companion APP application for Latin, a smart scale that measures body fat. AliCloud Object Storage Service, or OSS for short, is a massive, secure and highly reliable cloud storage service provided by AliCloud to the outside world. There is an information leakage...
Star Queen Aliyun OSS credentials have information leakage vulnerability
Star Queen APP is a social platform based on beauty and beautification manicure plastic surgery and bodybuilding and other industries. AliCloud Object Storage Service OSS is a massive, secure and highly reliable cloud storage service provided by AliCloud. After the star AliCloud OSS credentials...
Xiaoming probe test Ali cloud OSS credentials have information leakage vulnerability
Xiaoming tan exam app is a learning mobile app application. Xiaoming Tangkao Ali Cloud OSS credentials have an information leakage vulnerability. The vulnerability is caused by credential leakage due to the use of SDK with accessKeyId and accessKeySecret, endpoint built into the mobile app. An...
Orange Aliyun OSS credentials suffer from information leakage vulnerability
Orange APP is an erotic community app. AliCloud Object Storage ServiceObject Storage Service, or OSS for short, is a massive, secure and highly reliable cloud storage service provided by AliCloud to the public. There is an information leakage vulnerability in the Orange Aliyun OSS credentials. Th...
Personality.com App AliCloud OSS Credentials Exist Information Leakage Vulnerability
Personality.com App is a mobile application tailored for young people. Personality.com App AliCloud OSS credentials have information leakage vulnerability. The vulnerability is caused by credential leakage due to the built-in accessKeyId and accessKeySecret in the mobile app when using the SDK. A...
Information leakage vulnerability in Aliyun OSS credentials of McBaoBao's Android client
Mbaobao Android is a mobile Android shopping software produced by the fashion luggage B2C website Mbaobao Honor. Mbaobao Android client AliCloud OSS credentials information leakage vulnerability. The vulnerability is caused by credential leakage due to the use of SDK with accessKeyId and...
Baby Grid AliCloud oss credentials have information leakage vulnerability
Baby Grid is a Chinese overseas direct mail B2C e-commerce company. Baby Lattice aliyun oss credentials have information leakage vulnerability. The vulnerability stems from the existence of information leakage of aliyun oss credentials, when using this SDK, the accessKeyId and accessKeySecret,...
National Security Community App aliyun oss credentials have information leakage vulnerability
Aliyun Object Storage Service OSS is a massive, secure and highly reliable cloud storage service provided by Aliyun. National Security Community aliyun oss credentials have an information leakage vulnerability. When using this SDK, accessKeyId and accessKeySecret, endpoint are built into the mobi...