Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/02/04 3:15 a.m.8 views

CVE-2025-70841

Dokans Multi-Tenancy Based eCommerce Platform SaaS 3.9.2 allows unauthenticated remote attackers to obtain sensitive application configuration data via direct request to /script/.env file. The exposed file contains Laravel application encryption key APPKEY, database credentials, SMTP/SendGrid API...

10CVSS5.4AI score0.00383EPSS
Exploits1References1
NVD
NVD
added 2026/02/03 6:16 p.m.5 views

CVE-2025-70841

Dokans Multi-Tenancy Based eCommerce Platform SaaS 3.9.2 allows unauthenticated remote attackers to obtain sensitive application configuration data via direct request to /script/.env file. The exposed file contains Laravel application encryption key APPKEY, database credentials, SMTP/SendGrid API...

10CVSS0.00383EPSS
Exploits1References2
CVE
CVE
added 2026/02/03 12:0 a.m.16 views

CVE-2025-70841

Dokans Multi-Tenancy Based eCommerce Platform SaaS version 3.9.2 is vulnerable to unauthenticated remote access to the /script/.env file. The exposure reveals sensitive data including the Laravel APP_KEY, database credentials, SMTP/SendGrid API credentials, and internal configuration parameters, ...

10CVSS5.5AI score0.00383EPSS
Exploits1References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/12/03 12:0 a.m.15 views

Devolutions Server < 2025.2.21 / 2025.3.x < 2025.3.9 Multiple Vulnerabilities (DEVO-2025-0018)

The version of Devolutions Server installed on the remote host is prior to 2025.2.21, or 2025.3.x prior to 2025.3.8, and is, therefore, affected by multiple vulnerabilities: - SQL Injection vulnerability in last usage logs in Devolutions Server. This issue affects Devolutions Server: through...

8.8CVSS5.9AI score0.00524EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/11/27 3:30 p.m.8 views

CVE-2025-13765

Exposure of email service credentials to users without administrative rights in Devolutions Server.This issue affects Devolutions Server: before 2025.2.21, before 2025.3.9...

0.00326EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/27 12:0 a.m.9 views

PT-2025-48272

Name of the Vulnerable Software and Affected Versions Devolutions Server versions prior to 2025.2.21 Devolutions Server versions prior to 2025.3.9 Description The email service credentials were exposed to users lacking administrative privileges in Devolutions Server. Recommendations Update...

4.3CVSS6.7AI score0.00326EPSS
Exploits0References8
Rows per page
Query Builder