EUVD-2026-36120

Shopware is an open commerce platform. Prior to versions 6.6.10.18 and 6.7.10.1, an attacker is able to enumerate the usernames of administrator users by performing a timing attack. Versions 6.6.10.18 and 6.7.10.1 fix the issue...

CVE-2025-14609 Wise Analytics <= 1.1.9 - Missing Authorization to Unauthenticated Arbitrary Analytics Database Disclosure via 'name' Parameter

The Wise Analytics plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.1.9. This is due to missing capability checks on the REST API endpoint '/wise-analytics/v1/report'. This makes it possible for unauthenticated attackers to access sensitive...

EUVD-2019-13599

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2019-3992

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can access the server's configuration fil...

PT-2020-4664 · Cisco · Cisco Integrated Management Controller

Name of the Vulnerable Software and Affected Versions: Cisco Integrated Management Controller affected versions not specified Description: The issue is related to information disclosure through inconsistency. It may allow a remote attacker to determine all existing usernames. The vulnerability is...

CVE-2019-3992

ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can access the server's configuration file by sending an HTTP GET request. Amongst the configuration data, the attacker may gain access to valid admin usernames and, in older...

CVE-2019-3992

ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can access the server's configuration file by sending an HTTP GET request. Amongst the configuration data, the attacker may gain access to valid admin usernames and, in older...

CVE-2019-3992

ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can access the server's configuration file by sending an HTTP GET request. Amongst the configuration data, the attacker may gain access to valid admin usernames and, in older...

UBUNTU-CVE-2019-3992

ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can access the server's configuration file by sending an HTTP GET request. Amongst the configuration data, the attacker may gain access to valid admin usernames and, in older...

CVE-2019-3992

ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can access the server's configuration file by sending an HTTP GET request. Amongst the configuration data, the attacker may gain access to valid admin usernames and, in older...

PR06-11: BEA Plumtree portal search facility leaks usernames to unauthenticated users

PR06-11: BEA Plumtree portal search facility leaks usernames to unauthenticated users Description: BEA Plumtree portal 6.0 is vulnerable to username leakage through the search facility. By performing an advanced search, unauthenticated users can enumerate valid usernames with a single HTTP reques...

Kisisel Site 2007 (tr) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ========================================================= Kisisel Site 2007 tr Remote SQL Injection Vulnerability ========================================================= Ki.isel Site 2007 tr == SQL Injection Vulnerability Author : cl24zy...