60 matches found
CVE-2024-10537
The WP User Manager – User Profile Builder & Membership plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the validateusermetakey function in all versions up to, and including, 2.9.11. This makes it possible for authenticated attackers, with...
CVE-2024-42380
CVE-2024-42380 concerns SAP NetWeaver AS ABAP/ABAP Platform where an RFC-enabled function module allows a low-privileged user to read other users’ workplace favourites, user menus, and related node data, enabling username enumeration. The impact is described as low confidentiality risk to the app...
CVE-2024-3897
The Popup Box – Best WordPress Popup Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ayspbcreateauthor AJAX action in all versions up to, and including, 4.3.6. This makes it possible for unauthenticated attackers to enumerate all...
CVE-2024-3897
CVE-2024-3897 affects the WordPress plugin Popup Box – Best WordPress Popup Plugin (ays-popup-box) up to version 4.3.6. The vulnerability arises from a missing capability check on the ays_pb_create_author AJAX action, allowing unauthenticated attackers to enumerate all registered emails. MITRE/AT...
CVE-2024-3897 Popup Box – Best WordPress Popup Plugin <= 4.3.6 - Missing Authorization to Information Exposure
The Popup Box – Best WordPress Popup Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ayspbcreateauthor AJAX action in all versions up to, and including, 4.3.6. This makes it possible for unauthenticated attackers to enumerate all...
GHSA-MP92-3JFM-3575 Synapse vulnerable to leak of remote user device information
Impact Cached device information of remote users can be queried from Synapse. This can be used to enumerate the remote users known to a homeserver. Patches System administrators are encouraged to upgrade to Synapse 1.95.1 as soon as possible. Workarounds The federationdomainwhitelist can be used ...
GHSA-C9HW-557Q-F8HQ Pimcore vulnerable to SQL Injection in Dataobjects sorting
Impact Using some SQL exploitation tools such as sqlmap, an attacker can enumerate all information in the database, alter data or perform dos on the backend database. Patches Update to version 10.6.5 or apply this patch manually...
Raptor Technologies Volunteer Management Client-Side Security Controls (FIXED)
Prior to Mar 18, 2023, due to a reliance on client-side controls, authorized users of Raptor Technologies Volunteer Management SaaS products could effectively enumerate authorized users, and could modify restricted and unrestricted fields in the accounts of other users associated with the same...
ASB-A-257030107
In getNumberFromCallIntent of NewOutgoingCallIntentBroadcaster.java, there is a possible way to enumerate other user's contact phone number due to a confused deputy. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for...
Design/Logic Flaw
LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. In versions prior to 8.0 the user name field at login could be used to enumerate LDAP data. This is only the case for LDAP search configuration. This issue has been fixed ...
CVE-2022-31088 Unauthenticated LDAP Injection in ldap-account-manager
LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. In versions prior to 8.0 the user name field at login could be used to enumerate LDAP data. This is only the case for LDAP search configuration. This issue has been fixed ...
CVE-2022-31088
The CVE-2022-31088 issue affects LDAP Account Manager (LAM). In versions prior to 8.0, the username field at login could be used to enumerate LDAP data during LDAP search configuration. This is limited to enumeration during login and does not mention broader code execution paths. The vulnerabilit...
Linux-Chrome-Recon - An Information Gathering Tool Used To Enumerate All Possible Data About An User From Google-Chrome Browser From Any Linux Distribution
"linux-chrome-recon" is a Information gathering tool used to enumerate all possible data about an user from Google-Chrome browser from any Linux distribution Intro 1.Loots possible data from Google-Chrome 2.Launches HTTP Server on /tmp directory Usefull 3.Simple script to receive data from...
ownCloud/Nextcloud Unprotected Data Directory (HTTP)
ownCloud/Nextcloud is exposing an unprotected data directory. SPDX-FileCopyrightText: 2016 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
WMI IIS ISAPI Extension Enumeration
Binary data wmienumiiscomponents.nbin...
WMI Encryptable Volume Enumeration
Binary data wmienumencryptablevolumes.nbin...
RedDot CMS 7.5 (LngId) Remote SQL Injection Exploit
No description provided by source. !/usr/bin/env python un-comment your selection. import urllib2 import urllib import string import getopt import sys def banner: print print "RED DOT CMS 7.5 database enumeration" print "by Mark Crowther and Rodrigo Marcos" def usage: print print "usage:" print...
RedDot CMS 7.5 (LngId) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications =================================================== RedDot CMS 7.5 LngId Remote SQL Injection Exploit =================================================== !/usr/bin/env python un-comment your selection. import urllib2 import urllib import...
RDdbenum.py.txt
!/usr/bin/env python un-comment your selection. import urllib2 import urllib import string import getopt import sys def banner: print print "RED DOT CMS 7.5 database enumeration" print "by Mark Crowther and Rodrigo Marcos" def usage: print print "usage:" print "python RDPOC.py options URL" print...
RedDot CMS 7.5 - 'LngId' SQL Injection
!/usr/bin/env python un-comment your selection. import urllib2 import urllib import string import getopt import sys def banner: print print "RED DOT CMS 7.5 database enumeration" print "by Mark Crowther and Rodrigo Marcos" def usage: print print "usage:" print "python RDPOC.py options URL" print...