Lucene search
K

4 matches found

Positive Technologies
Positive Technologies
added 2025/09/30 12:0 a.m.6 views

PT-2025-40021

Name of the Vulnerable Software and Affected Versions LiquidFiles versions prior to 4.2 Description The application exhibits a user enumeration issue in its password reset functionality. An unauthenticated attacker can determine the existence of user accounts by observing distinguishable response...

7.3CVSS6.7AI score0.00648EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2022/09/06 5:19 p.m.7 views

CVE-2022-2939 WP Cerber Security <= 9.0 - User Enumeration Bypass

The WP Cerber Security plugin for WordPress is vulnerable to security protection bypass in versions up to, and including 9.0, that makes user enumeration possible. This is due to improper validation on the value supplied through the 'author' parameter found in the /cerber-load.php file. In...

5.3CVSS7AI score0.00688EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2022/01/13 6:55 a.m.41 views

CVE-2019-11716

Until explicitly accessed by script, window.globalThis is not enumerable and, as a result, is not visible to code such as Object.getOwnPropertyNameswindow. Sites that deploy a sandboxing that depends on enumerating and freezing access to the window object may miss this, allowing their sandboxes t...

8.3CVSS2.2AI score0.01354EPSS
Exploits0References4
NVD
NVD
added 2019/07/23 2:15 p.m.17 views

CVE-2019-11716

Until explicitly accessed by script, window.globalThis is not enumerable and, as a result, is not visible to code such as Object.getOwnPropertyNameswindow. Sites that deploy a sandboxing that depends on enumerating and freezing access to the window object may miss this, allowing their sandboxes t...

8.3CVSS8.4AI score0.01354EPSS
Exploits0References7
Rows per page
Query Builder