Yes/No Chart < 1.0.12 - Authenticated (contributor+) Blind SQL Injection

The plugin did not sanitise its sid shortcode parameter before using it in a SQL statement, allowing medium privilege users contributor+ to perform Blind SQL Injection attacks PoC To exploit, the site administrator must add a question set and a question first. This requirement is usually met for...

Yes/No Chart < 1.0.12 - Authenticated (contributor+) Blind SQL Injection

The plugin did not sanitise its sid shortcode parameter before using it in a SQL statement, allowing medium privilege users contributor+ to perform Blind SQL Injection attacks To exploit, the site administrator must add a question set and a question first. This requirement is usually met for all...

"Citrix gateway plug-in for java is not supported" on all web browsers except IE

After upgrading ADCsoftware to 13.0 7+ The following isthe error message users will see on web browsers: Citrix Gateway Plug-in for Java is not supported. For further help or information, contact your help desk or system administrator."...

CVE-2021-29688

IBM Security Identity Manager 7.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 200102...

CVE-2021-29682

IBM Security Identity Manager 7.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 199997...

Information disclosure

IBM Security Identity Manager 7.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 199997...

CVE-2021-29688

IBM Security Identity Manager 7.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 200102...

CVE-2021-29682

IBM Security Identity Manager 7.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 199997...

CVE-2021-20393

IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196001...

Information disclosure

IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196001...

OctoPrint Cross-Site Request Vulnerability

OctoPrint is an application. Provides a fast web interface for controlling consumer 3D printers. A cross-site request vulnerability existed prior to OctoPrint version 1.6.0. The vulnerability originated in the program because an API error message included the value of an input parameter. No...

IBM QRadar SIEM Information Disclosure Vulnerability (CNVD-2021-34726)

IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. An information...

Error: "Cannot connect to the Citrix XenApp server. The Citrix SSL server you have selected is not accepting connections"

When launching an application through Citrix Gateway, the following error is displayed: "Cannot connect to the Citrix XenApp server. The Citrix SSL server you have selected is not accepting connections"...

IBM QRadar SIEM 安全漏洞

IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. An information...

CVE-2020-4536

IBM OpenPages GRC Platform 8.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 182907...

Information disclosure

IBM OpenPages GRC Platform 8.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 182907...

CVE-2020-4536

IBM OpenPages GRC Platform 8.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 182907...

Mail.ru: internal path disclosure via error message

Internal path in error message at activate.games.mail.ru...

OctoPrint 跨站脚本漏洞

OctoPrint is an application. Provides a fast web interface for controlling consumer 3D printers. A cross-site request vulnerability existed prior to OctoPrint version 1.6.0. The vulnerability originated in the program because an API error message included the value of an input parameter. No...

Siemens Mendix Excel Importer Module

1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mendix, a subsidiary of Siemens Equipment: Mendix Excel Importer Module Vulnerability: Generation of Error Message Containing Sensitive Information 2. RISK EVALUATION Successful exploitation of this...