WordPress Custom Field Template plugin <= 2.6.1 - Authenticated Information Exposure vulnerability

Authenticated Information Exposure vulnerability discovered by Francesco Carlucci in WordPress Plugin Custom Field Template versions = 2.6.1...

CVE-2023-39980

A vulnerability that allows the unauthorized disclosure of authenticated information has been identified in MXsecurity versions prior to v1.0.1. This vulnerability arises when special elements are not neutralized correctly, allowing remote attackers to alter SQL commands...

Sql injection

A vulnerability that allows the unauthorized disclosure of authenticated information has been identified in MXsecurity versions prior to v1.0.1. This vulnerability arises when special elements are not neutralized correctly, allowing remote attackers to alter SQL commands...

CVE-2023-39980 MXsecurity Authenticated Information Disclosure Due to SQL Injection

A vulnerability that allows the unauthorized disclosure of authenticated information has been identified in MXsecurity versions prior to v1.0.1. This vulnerability arises when special elements are not neutralized correctly, allowing remote attackers to alter SQL commands...

MOXA MXsecurity SQL Injection Vulnerability

MOXA MXsecurity is a management platform from China-based MOXA. It provides centralized visibility and security management to easily monitor and identify network threats and prevent security misconfigurations to create a robust threat defense. A security vulnerability exists in MXsecurity v1.0.1...

QNAP QuTS hero Multiple Vulnerabilities (QSA-23-02, QSA-23-06, QSA-23-10, QSA-23-11, QSA-23-15)

QNAP QuTS hero is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qutshero"; ifdescriptio...

CVE-2023-25591 Authenticated Information Disclosure in ClearPass Policy Manager Web-Based Management Interface

A vulnerability in the web-based management interface of ClearPass Policy Manager could allow a remote attacker authenticated with low privileges to access sensitive information. A successful exploit allows an attacker to retrieve information which could be used to potentially gain further...

CVE-2022-40295

The application was vulnerable to an authenticated information disclosure, allowing administrators to view unsalted user passwords, which could lead to the compromise of plaintext passwords via offline attacks...

CVE-2022-40295 Authenticated sensitive information disclosure in PHP Point of Sale version 19.0, by PHP Point of Sale, LLC.

The application was vulnerable to an authenticated information disclosure, allowing administrators to view unsalted user passwords, which could lead to the compromise of plaintext passwords via offline attacks...

PT-2018-5783 · Ibm · Ibm Doors Web Access

Name of the Vulnerable Software and Affected Versions: IBM Doors Web Access versions 9.5 through 9.6 Description: The issue allows an authenticated user to obtain sensitive information from HTTP internal server error responses. Recommendations: For IBM Doors Web Access versions 9.5 through 9.6,...

Cacti 1.1.27 Multiple Vulnerabilities - Windows

Cacti through 1.1.27 is prone to following vulnerabilities: - Reflected XSS - Authenticated information disclosure - Authenticated remote code execution SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Cacti 1.1.27 Multiple Vulnerabilities - Linux

Cacti through 1.1.27 is prone to following vulnerabilities: - Reflected XSS - Authenticated information disclosure - Authenticated remote code execution SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

IBM Storwize Authenticated Information Disclosure

The remote Storwize device is a model that is affected by an authenticated information disclosure vulnerability. In the event of a hardware fault, memory contents containing customer data may be written to a file that can be read by an authenticated user of the system who may not otherwise have...