Lucene search

9 matches found

NVD
added 2026/06/23 5:16 p.m., 7 views

CVE-2026-13007

Tenable Identity Exposure contains multiple unauthenticated API endpoints under /w/api/ that expose sensitive application configuration data including cleartext LDAP credentials, SAML configuration, user accounts, and directory settings to unauthenticated remote attackers. Affected responses are...

CVSS 8.7, EPSS 0.00432
Exploits: 0, References: 1

Cvelist
added 2026/06/23 3:59 p.m., 35 views

CVE-2026-13007 Insecure Public Caching on REST API Endpoints in Tenable Identity Exposure

Tenable Identity Exposure contains multiple unauthenticated API endpoints under /w/api/ that expose sensitive application configuration data including cleartext LDAP credentials, SAML configuration, user accounts, and directory settings to unauthenticated remote attackers. Affected responses are...

CVSS 8.7, EPSS 0.00432
Exploits: 0, References: 1

CVE
added 2026/06/23 3:59 p.m., 16 views

CVE-2026-13007

Tenable Identity Exposure exposes multiple unauthenticated API endpoints under /w/api/* that return sensitive configuration data (cleartext LDAP credentials, SAML config, user accounts, directory settings). Responses are served with Cache-Control: public and without Vary: Cookie, enabling reverse...

CVSS 8.7, AI score 5.9, EPSS 0.00432
Exploits: 0, References: 1

Positive Technologies
added 2026/06/23 12:0 a.m., 10 views

PT-2026-51549

Name of the Vulnerable Software and Affected Versions: Tenable Identity Exposure (affected versions not specified). Description: Multiple unauthenticated API endpoints under '/w/api/' expose sensitive application configuration data to remote attackers. The leaked information includes cleartext LDAP...

CVSS 8.7, AI score 7.2, EPSS 0.00432
Exploits: 0, References: 3

EUVD
added 2025/10/03 8:7 p.m., 6 views

EUVD-2023-29228

Malicious code in bioql PyPI...

CVSS 8.8, AI score 8.6, EPSS 0.01634
Exploits: 1, References: 2

EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2024-38930

Malicious code in bioql PyPI...

CVSS 7.5, AI score 6.6, EPSS 0.00552
Exploits: 1, References: 3

CNNVD
added 2023/04/15 12:0 a.m., 6 views

GitLab security vulnerability

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD (Continuous Integration and Continuous Delivery), and other features. A security vulnerability exists in GitLab, which stems from an insecure direct...

CVSS 7.5, AI score 7.3, EPSS 0.00621
Exploits: 0, References: 3

NVD
added 2008/08/10 8:41 p.m., 18 views

CVE-2008-3563

Multiple SQL injection vulnerabilities in Plogger 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the checked array parameter to plog-download.php in an album action and (2) unspecified parameters to plog-remote.php, and (3) allow remote authenticated administrators to...

CVSS 7.5, AI score 8.2, EPSS 0.02429
Exploits: 0, References: 7

Packet Storm
added 2008/08/06 12:0 a.m., 20 views

litenews-sql.txt

litenews-01 = 1.2 Remote sql injection Download : http://webscripts.softpedia.com/scriptDownload/LiteNews-Download-43228.htmldownloadlocations Injection Adress : http://Sitename/litenew//index.php?mode=view&id= code sql you need to crypt the directory of settings.php with hex for see the user and...

AI score 7.4
Exploits: 0