Lucene search
K

22 matches found

RedhatCVE
RedhatCVE
added 2026/03/27 5:9 p.m.8 views

CVE-2025-55276

HCL Aftermarket DPC is affected by Internal IP Disclosure vulnerability will give attackers a clearer map of the organization’s network layout...

5.3CVSS5.9AI score0.00202EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/26 12:46 p.m.1 views

CVE-2025-55276 HCL Aftermarket DPC is affected by Internal IP Disclosure vulnerability

HCL Aftermarket DPC is affected by Internal IP Disclosure vulnerability will give attackers a clearer map of the organization’s network layout...

3.1CVSS5.8AI score0.00202EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-17552

Malware in sbrugna...

5.3CVSS7.2AI score0.02175EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.242 views

Outlook Web App (OWA) / Client Access Server (CAS) IIS HTTP Internal IP Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Outlook Web App OWA / Client Access Server CAS IIS HTTP Internal IP Disclosure', 'Description' = %q This module tests vulnerable IIS HTTP header...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/08/02 12:0 a.m.65 views

GLSA-202207-01 : HashiCorp Vault: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202207-01 HashiCorp Vault: Multiple Vulnerabilities - HashiCorp Vault and Vault Enterprise allowed for enumeration of Secrets Engine mount paths via unauthenticated HTTP requests. Fixed in 1.6.2 & 1.5.7. CVE-2020-25594 - HashiCorp...

8.8CVSS6.1AI score0.01407EPSS
Exploits0References22
ATTACKERKB
ATTACKERKB
added 2022/05/26 5:15 p.m.2 views

CVE-2022-30494

In oretnom23 Automotive Shop Management System v1.0, the first and last name user fields suffer from a stored XSS Injection Vulnerability allowing remote attackers to gain admin access and view internal IPs...

5.4CVSS6.1AI score0.00596EPSS
Exploits1References2
Hacker One
Hacker One
added 2020/10/09 9:35 p.m.985 views

Informatica: ..; bypass leading to tomcat scripts [Unauthenticated]

Hello all Using the technique ..; i was able to bypass the protection mechanism to access Tomcat Example Scripts hosted at https://███/. Steps to reproduce 1 - Open all URL's bellow inside your browser https://█████████/..;/examples/servlets/servlet/SessionExample | Will lead to Session...

0.3AI score
Exploits0
OpenVAS
OpenVAS
added 2019/08/14 12:0 a.m.44 views

Adobe Acrobat 2017 Security Updates (APSB19-41) - Windows

Adobe Acrobat 2017 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobat";...

10CVSS8.7AI score0.40626EPSS
Exploits13References1
OpenVAS
OpenVAS
added 2019/08/14 12:0 a.m.30 views

Adobe Acrobat Reader DC (Classic Track) Multiple Vulnerabilities (APSB19-41) - Mac OS X

Adobe Acrobat Reader DC Classic Track is prone to multiple arbitrary code execution vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

10CVSS9.3AI score0.40626EPSS
Exploits13References1
OpenVAS
OpenVAS
added 2019/08/14 12:0 a.m.32 views

Adobe Acrobat DC (Continuous Track) Security Updates (APSB19-41) - Windows

Adobe Acrobat DC Continuous Track is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

10CVSS8.7AI score0.40626EPSS
Exploits13References1
RedHat Linux
RedHat Linux
added 2017/12/13 5:57 p.m.5 views

EAP7: Internal IP address disclosed on redirect when request header Host field is not set

It was found that when issuing a GET request which results in a 302 redirect, and when the request header 'Host' field was not set, the response header field 'Location' contains the internal IP address of the server. An attacker could use this disclose information which they are not authorized to...

5.3CVSS7.3AI score0.02264EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/12/13 5:31 p.m.4 views

EAP7: Internal IP address disclosed on redirect when request header Host field is not set

It was found that when issuing a GET request which results in a 302 redirect, and when the request header 'Host' field was not set, the response header field 'Location' contains the internal IP address of the server. An attacker could use this disclose information which they are not authorized to...

5.3CVSS7.3AI score0.02264EPSS
Exploits0References4
Metasploit
Metasploit
added 2015/04/15 10:10 p.m.39 views

Outlook Web App (OWA) / Client Access Server (CAS) IIS HTTP Internal IP Disclosure

This module tests vulnerable IIS HTTP header file paths on Microsoft Exchange OWA 2003 and CAS 2007, 2010, and 2013 servers. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Outlook Web App OWA ...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2014/09/29 12:0 a.m.52 views

Outlook Web App (OWA) / Client Access Server (CAS) IIS HTTP Internal IP Disclosure

Exploit Title: Microsoft Exchange IIS HTTP Internal IP Disclosure Vulnerability Google Dork: NA Date: 08/01/2014 Exploit Author: Nate Power Vendor Homepage: microsoft.com Software Link: NA Version: Exchange OWA 2003, Exchange CAS 2007/2010/2013 Tested on: Exchange OWA 2003, Exchange CAS...

0.2AI score
Exploits0
0day.today
0day.today
added 2014/09/29 12:0 a.m.34 views

Microsoft Exchange IIS HTTP Internal IP Address Disclosure

Exploit for windows platform in category remote exploits Exploit Title: Microsoft Exchange IIS HTTP Internal IP Disclosure Vulnerability Google Dork: NA Date: 08/01/2014 Exploit Author: Nate Power Vendor Homepage: microsoft.com Software Link: NA Version: Exchange OWA 2003, Exchange CAS...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2014/09/29 12:0 a.m.38 views

Microsoft Exchange - IIS HTTP Internal IP Address Disclosure (Metasploit)

Exploit Title: Microsoft Exchange IIS HTTP Internal IP Disclosure Vulnerability Google Dork: NA Date: 08/01/2014 Exploit Author: Nate Power Vendor Homepage: microsoft.com Software Link: NA Version: Exchange OWA 2003, Exchange CAS 2007/2010/2013 Tested on: Exchange OWA 2003, Exchange CAS...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.39 views

Microsoft IIS 2.0/3.0/4.0/5.0/5.1 Internal IP Address Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1499/info When a remote user attempts to access an area protected by basic authentication with no realm defined, while specifying HTTP 1.0, Microsoft IIS will return an Access Denied error message containing the internal ...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.10 views

Cisco ACE XML Gateway <= 6.0 Internal IP disclosure

No description provided by source...

7.1AI score
Exploits0
Metasploit
Metasploit
added 2012/02/20 4:44 a.m.163 views

Microsoft IIS HTTP Internal IP Disclosure

Collect any leaked internal IPs by requesting commonly redirected locations from IIS. CVE-2000-0649 references IIS 5.1 win2k, XP and older. However, in newer servers such as IIS 7+, this occurs when the alternateHostName is not set or misconfigured. Also collects internal IPs leaked from the...

2.6CVSS6.4AI score0.76558EPSS
Exploits4
RedHat Linux
RedHat Linux
added 2010/12/15 10:41 p.m.3 views

OpenJDK DNS server IP address information leak (6957564)

Unspecified vulnerability in the Java Naming and Directory Interface JNDI component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.227 allows remote attackers to affect confidentiality via unknown vectors. NOTE: the previous information was obtained from the October...

5CVSS5.8AI score0.02999EPSS
Exploits0References4
Rows per page
Query Builder