Lucene search
K

30 matches found

OSV
OSV
added 2020/01/31 6:0 p.m.17 views

GHSA-PRG5-HG25-8GRQ Ability to switch channels via GET parameter enabled in production environments

Impact This vulnerability gives the ability to switch channels via the channelcode GET parameter in production environments. This was meant to be enabled only when %kernel.debug% is set to true. However, if no syliuschannel.debug is set explicitly in the configuration, the default value which is...

4.4CVSS4.6AI score0.00737EPSS
Exploits0References4
OSV
OSV
added 2020/01/27 9:15 p.m.21 views

CVE-2020-5218

Affected versions of Sylius give attackers the ability to switch channels via the channelcode GET parameter in production environments. This was meant to be enabled only when kernel.debug is set to true. However, if no syliuschannel.debug is set explicitly in the configuration, the default value...

4.3CVSS5.2AI score0.00737EPSS
Exploits0References2
Prion
Prion
added 2018/02/12 7:29 p.m.20 views

Information disclosure

In XBLRamDump mode, there is a debug feature that can be used to dump memory contents, if an attacker has physical access to the device. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Androi...

4.7CVSS4AI score0.00156EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2006/10/02 12:0 a.m.23 views

FreeBSD : dokuwiki -- multiple vulnerabilities (fcba5764-506a-11db-a5ae-00508d6a62df)

Secunia reports : rgod has discovered a vulnerability in DokuWiki, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the 'TARGETFN' parameter in bin/dwpage.php is not properly sanitised before being used to copy files. This can be exploited via director...

7.5CVSS6.1AI score0.01939EPSS
Exploits3References5
NVD
NVD
added 2006/09/11 5:4 p.m.13 views

CVE-2006-4679

DokuWiki before 2006-03-09c enables the debug feature by default, which allows remote attackers to obtain sensitive information by calling doku.php with the X-DOKUWIKI-DO HTTP header set to "debug"...

5CVSS6AI score0.01655EPSS
Exploits1References6
UbuntuCve
UbuntuCve
added 2006/09/11 5:4 p.m.27 views

CVE-2006-4679

DokuWiki before 2006-03-09c enables the debug feature by default, which allows remote attackers to obtain sensitive information by calling doku.php with the X-DOKUWIKI-DO HTTP header set to "debug"...

5CVSS5.9AI score0.01655EPSS
Exploits1References1
OSV
OSV
added 2006/09/11 5:4 p.m.5 views

CVE-2006-4679

DokuWiki before 2006-03-09c enables the debug feature by default, which allows remote attackers to obtain sensitive information by calling doku.php with the X-DOKUWIKI-DO HTTP header set to "debug"...

6AI score
Exploits0References6
CVE
CVE
added 2006/09/11 5:0 p.m.65 views

CVE-2006-4679

DokuWiki prior to 2006-03-09c is vulnerable: it enables the debug feature by default, allowing remote attackers to obtain sensitive information via doku.php when the X-DOKUWIKI-DO header is set to "debug". The issue is confirmed across multiple sources (NVD/OpenVAS/Gentoo GLSA). A remediation bar...

5CVSS5.9AI score0.01655EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2006/09/11 5:0 p.m.31 views

CVE-2006-4679

DokuWiki before 2006-03-09c enables the debug feature by default, which allows remote attackers to obtain sensitive information by calling doku.php with the X-DOKUWIKI-DO HTTP header set to "debug"...

5.9AI score0.01655EPSS
Exploits1References6
FreeBSD
FreeBSD
added 2006/09/08 12:0 a.m.82 views

dokuwiki -- multiple vulnerabilities

Secunia reports: rgod has discovered a vulnerability in DokuWiki, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the "TARGETFN" parameter in bin/dwpage.php is not properly sanitised before being used to copy files. This can be exploited via directory...

7.5CVSS7.6AI score0.01939EPSS
Exploits3References2
Rows per page
Query Builder