6 matches found
OpenClaw: Gateway hello snapshots exposed host config and state paths to non-admin clients
Summary Before OpenClaw 2026.4.2, the Gateway connect success snapshot exposed local configPath and stateDir metadata to non-admin clients. Low-privilege authenticated clients could learn host filesystem layout and deployment details that were not needed for their role. Impact A non-admin client...
Round Cube Webmail 0.1 -20051021 Path Disclosure Weakness
No description provided by source. source: http://www.securityfocus.com/bid/15920/info Round Cube will reportedly reveal its installation path in an error message output to the client. The filesystem layout can be sensitive information that is useful in other attacks against the target server. Th...
Round Cube Webmail 0.1 -20051021 - Full Path Disclosure
source: https://www.securityfocus.com/bid/15920/info Round Cube will reportedly reveal its installation path in an error message output to the client. The filesystem layout can be sensitive information that is useful in other attacks against the target server. The trigger for this behavior is not...
PHP-Nuke 6.0 - Multiple Full Path Disclosure Vulnerabilities
source: https://www.securityfocus.com/bid/6406/info Multiple path disclosure vulnerabilities have been discovered in PHP-Nuke. This issue occurs when requesting a PHP script that shouldn't be accessed directly. Exploiting this issue will cause the target server to disclose sensitive information...
PHP-Nuke 6.0 - Multiple Full Path Disclosure Vulnerabilities
PHP-Nuke 6.0 - Multiple Full Path Disclosure Vulnerabilities source: https://www.securityfocus.com/bid/6406/info Multiple path disclosure vulnerabilities have been discovered in PHP-Nuke. This issue occurs when requesting a PHP script that shouldn't be accessed directly. Exploiting this issue wil...
Lotus Domino 5.0.8-9 - Non-Existent NSF Database Banner Information Disclosure
source: https://www.securityfocus.com/bid/6128/info Lotus Domino reportedly discloses sensitive banner information when a non-existent NSF database is requested. This may allow a remote attacker to discover information about the layout of the filesystem. This issue is present on Lotus Domino Serv...