11 matches found
CVE-2025-1395 Sensitive Data Exposure in CoDeriApp's HeyGarson
Generation of Error Message Containing Sensitive Information vulnerability in Codriapp Innovation and Software Technologies Inc. HeyGarson allows Fuzzing for application mapping. This issue affects HeyGarson: through 30012026. NOTE: The vendor was contacted several times to verifying fixing proce...
Aptsys Gemscms POS Platform security vulnerabilities
Aptsys Gemscms POS Platform is a catering management system developed by the Indian company Aptsys. There is a security vulnerability in the Aptsys Gemscms POS Platform. This vulnerability arises from the PHP backend, which triggers detailed error messages when processing specially crafted HTTP...
CVE-2026-22646
Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with valuable reconnaissance information like file paths, database errors, or software versions that can be used to map the application's internal structu...
CVE-2026-22646
Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with valuable reconnaissance information like file paths, database errors, or software versions that can be used to map the application's internal structu...
PT-2025-32547 · Wukongopensource · Wukongcrm
Name of the Vulnerable Software and Affected Versions: WuKongOpenSource WukongCRM version 11.0 Description: A vulnerability exists in WuKongOpenSource WukongCRM 11.0, specifically within an unknown part of the /adminFile/upload file of the API Response Handler component. This allows for informati...
IBM Cognos Controller和IBM Controller 安全漏洞
IBM Cognos Controller and IBM Controller are both products of International Business Machines IBM.IBM Cognos Controller is a business intelligence and planning solution. The product features process automation, financial audit control, and the creation and management of financial reports.IBM...
PT-2024-7108 · Jenkins +1 · Jenkins +1
Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.478 and earlier Jenkins LTS versions 2.462.2 and earlier Description: The issue is related to the lack of protection for sensitive data in Jenkins. Specifically, Jenkins does not redact multi-line secret values in error...
SUSE CVE-2021-36156
An issue was discovered in Grafana Loki through 2.2.1. The header value X-Scope-OrgID is used to construct file paths for rules files, and if crafted to conduct directory traversal such as ae ../../sensitive/path/in/deployment pathname, then Loki will attempt to parse a rules file at that locatio...
IBM Emptoris Spend Analysis Information Disclosure Vulnerability
IBM Emptoris Spend Analysis is a product within IBM's suite of procurement solutions for consolidating, cleansing and categorizing spend data from decentralized systems. An information disclosure vulnerability exists in IBM Emptoris Spend Analysis versions 10.1.0 through 10.1.3, which arises from...
CVE-2017-1342
IBM Insights Foundation for Energy 2.0 could reveal sensitive information in error messages to authenticated users that could e used to conduct further attacks. IBM X-Force ID: 126457...
CVE-2016-0893
EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote authenticated users to obtain sensitive information by reading error messages...