Sitecore Debug Page Detected

Sitecore is a popular web content management system WCMS used for building and managing websites. When the debug page is accessible, it can expose sensitive information about the application's configuration, environment, and code structure. This information can be exploited by attackers to identi...

CVE-2020-36848

The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.14.9 via the env-info.php and restore-info.json files. This makes it possible for unauthenticated attackers to...

CVE-2025-5416

A vulnerability has been identified in Keycloak that could lead to unauthorized information disclosure. While it requires an already authenticated user, the /admin/serverinfo endpoint can inadvertently provide sensitive environment information...

PT-2025-15332 · WordPress · Melhor Envio

Name of the Vulnerable Software and Affected Versions: Melhor Envio plugin for WordPress versions up to and including 2.15.9 Description: The issue allows unauthenticated attackers to extract sensitive data, including environment information, plugin tokens, shipping configurations, and limited...

CVE-2024-47560

RevoWorks Cloud Client 3.0.91 and earlier contains an incorrect authorization vulnerability. If this vulnerability is exploited, unintended processes may be executed in the sandbox environment. Even if malware is executed in the sandbox environment, it does not compromise the client's local...

CVE-2024-52313

An authenticated data.all user is able to manipulate a getDataset query to fetch additional information regarding the parent Environment resource that the user otherwise would not able to fetch by directly querying the object via getEnvironment in data.all...

SUSE CVE-2018-19976

In YARA 3.8.1, bytecode in a specially crafted compiled rule is exposed to information about its environment, in libyara/exec.c. This is a consequence of the design of the YARA virtual machine...

[SECURITY] Fedora 34 Update: rust-bugreport-0.4.0-2.fc34

Collect system and environment information for bug reports...

statics-server path traversal vulnerability

statics-server is a server for collecting information about Joomla installation environment. A path traversal vulnerability exists in statics-server. The vulnerability stems from a failure of a networked system or product to properly filter special elements in the path of a resource or file. An...

Information Disclosure

openstack-nova is vulnerable to information disclosure. An external exception from an API request from an authenticated user results in the leak of environment information or other confidential information such as configuration data...

YARA libyara/exec.c File Information Disclosure Vulnerability

YARA is a set of tools used to help software researchers identify and categorize malware samples. A security vulnerability exists in the libyara/exec.c file in YARA version 3.8.1. An attacker could exploit this vulnerability to obtain environment information...

UBUNTU-CVE-2018-19976

In YARA 3.8.1, bytecode in a specially crafted compiled rule is exposed to information about its environment, in libyara/exec.c. This is a consequence of the design of the YARA virtual machine...

CVE-2018-19976

CVE-2018-19976 involves YARA 3.8.1 where bytecode in a specially crafted compiled rule can reveal information about the host environment via libyara/exec.c, a consequence of how the YARA VM is designed. Public descriptions in CNVD and OSV confirm an environment-information exposure vulnerability ...

Puppet Agent Environment Disclosure Vulnerability

Puppet is a set of Puppet Labs configuration management tools based on the client/server C/S architecture.Puppet Agent is one of the agents. A security vulnerability exists in Puppet Agent. An attacker can exploit the vulnerability to retrieve environment information...

CVE-2017-1226

IBM Tivoli Endpoint Manager IBM BigFix Platform 9.2 and 9.5 generates an error message in error logs that includes sensitive information about its environment which could be used in further attacks against the system. IBM X-Force ID: 123905...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10 CU2 and 12.0.6 allows remote authenticated users to affect confidentiality via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not comment...

CVE-2002-2349

CVE-2002-2349 affects phpBBmod 1.3.3 where a call to phpinfo() can be triggered remotely to reveal sensitive environment information. The provided documents reiterate that phpinfo output exposes configuration and server variables, indicating a partial confidentiality impact. No explicit remediati...

Sambar Server 4.1 Beta - Admin Access

Sambar Server 4.1 Beta - Admin Access source: https://www.securityfocus.com/bid/2255/info 'dumpenv.pl' is a utility that will display environment information on which the server resides, this information could include the server software version being used, directory settings and path information...