6 matches found
Video Conferencing with Zoom < 3.8.17 - E-mail Address Disclosure
The plugin does not have authorisation in its vczapigetwpusers AJAX action, allowing any authenticated users, such as subscriber to download the list of email addresses registered on the blog PoC Open the following URL as a subscriber:...
CVE-2017-18887
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It discloses the team creator's e-mail address to members...
Razer US: Customer's e-mail disclosure
It was found that sharing saved cart to Facebook leaks the user e-mail, thus the audience can retrieve it from the link. We appreciate the contribution by @gdinar in helping keep Razer's online properties secure...
Mail.ru: filin.mail.ru user's e-mail address disclosure
Здравствуйте! Данный проект участвует в программе баунти? Я нашла проблему проекта вопросы/ответы. На сколько мне известно, то в данном проекте доступным является только ИД пользователя и его НИК для общего просмотра, НО можно посмотреть адрес почты каждого участника проекта дает адрес почты данн...
CVE-2016-2151
user/index.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 grants excessive authorization on the basis of the moodle/course:viewhiddenuserfields capability, which allows remote authenticated users to discover student e-mail...
Dovecot IMAP 1.0.10 <= 1.1rc2 Remote Email Disclosure Exploit
No description provided by source. lame Dovecot IMAP 1.0.10 - 1.1rc3 Exploit Here's an exploit for the recent TAB vulnerability in Dovecot. It's nothing special since in the wild there are few to none targets because of the special option which has to be set. see CVE Entry CVE-2008-1218 Exploit...