PT-2026-41354

phpMyFAQ before 4.1.2 contains missing permission checks in ConfigurationTabController.php where 12 endpoints use userIsAuthenticated instead of userHasPermissionCONFIGURATION EDIT. Any authenticated user can enumerate system configuration metadata including permission model, cache backend, mail...

GHSA-RM98-82FR-MCFX phpMyFAQ's Missing CONFIGURATION_EDIT Permission Check on 12 Admin API Configuration Tab Endpoints Allows Information Disclosure by Any Authenticated User

Summary 12 endpoints in ConfigurationTabController.php use userIsAuthenticated login-only check instead of userHasPermissionPermissionType::CONFIGURATIONEDIT. This allows any authenticated user — including ones with zero admin permissions — to enumerate system configuration metadata including the...

CVE-2025-43776

A Stored cross-site scripting vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.9, 2025.Q1.0 through 2025.Q1.16, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.19 and 7.4 GA...

CVE-2023-41153

A Stored Cross-Site Scripting XSS vulnerability in the SSH configuration tab in Usermin 2.001 allows remote attackers to inject arbitrary web script or HTML via options for the host value while editing the host options...

Usermin Cross-Site Scripting Vulnerability

Webmin Usermin is a web-based interface from Webmin Inc. It is used for webmail, password change, mail filters, fetchmail, and more. A cross-site scripting vulnerability exists in Usermin version 2.001, which originates from a security issue in the configuration tab and allows remote attackers to...

PT-2023-27828 · Usermin · Usermin

Name of the Vulnerable Software and Affected Versions: Usermin version 2.001 Description: A Stored Cross-Site Scripting XSS vulnerability in the SSH configuration tab allows remote attackers to inject arbitrary web script or HTML via options for the host value while editing the host options...

Cotonti Siena 0.9.19 - (maintitle) Stored Cross-Site Scripting Vulnerability

Exploit Title: Cotonti Siena 0.9.19 - 'maintitle' Stored Cross-Site Scripting Exploit Author: Fatih İLGİN Vendor Homepage: cotonti.com Vulnerable Software: https://www.cotonti.com/download/siena0919 Affected Version: 0.9.19 Tested on: Windows 10 Vulnerable Parameter Type: POST Vulnerable Paramete...

Lexmark Scan To Network (SNF) 3.2.9 Information Disclosure Vulnerability

Lexmark Scan to Network SNF printer application versions 3.2.9 and below suffer from a credential disclosure vulnerability. Summary ======= 1. Information exposure of network credentials in embedded printer application CVE-2017-13771 Vendor ====== "Lexmark creates innovative imaging solutions and...

Design/Logic Flaw

The Frontend component in Sophos UTM with firmware 9.405-5 and earlier allows local administrators to obtain sensitive password information by reading the "value" field of the proxy user settings in "system settings / scan settings / anti spam" configuration tab...

CVE-2016-7397

The CVE-2016-7397 vulnerability affects the Sophos UTM Frontend component (firmware 9.405-5 and earlier). A local administrator can disclose sensitive password information by reading the value field of the SMTP user settings in the Notifications configuration tab. Public disclosures and multiple ...

[Burp Co2] A collection of enhancements for Portswigger's popuplar Burp Suite web penetration testing tool

Co2 includes several useful enhancements bundled into a single Java-based Burp Extension. The extension has it's own configuration tab with multiple sub-tabs for each Co2 module. Modules that interact with other Burp tools can be disabled from within the Co2 configuration tab, so there is no need...

CVE-2013-3497

Juniper Junos Space before 12.3P2.8, as used on the JA1500 appliance and in other contexts, includes a cleartext password in a configuration tab, which makes it easier for physically proximate attackers to obtain the password by reading the workstation screen...

Design/Logic Flaw

Juniper Junos Space before 12.3P2.8, as used on the JA1500 appliance and in other contexts, includes a cleartext password in a configuration tab, which makes it easier for physically proximate attackers to obtain the password by reading the workstation screen...

CVE-2013-3497

Juniper Junos Space before 12.3P2.8, as used on the JA1500 appliance and in other contexts, includes a cleartext password in a configuration tab, which makes it easier for physically proximate attackers to obtain the password by reading the workstation screen...