4 matches found
CVE-2025-70841
Dokans Multi-Tenancy Based eCommerce Platform SaaS 3.9.2 allows unauthenticated remote attackers to obtain sensitive application configuration data via direct request to /script/.env file. The exposed file contains Laravel application encryption key APPKEY, database credentials, SMTP/SendGrid API...
CVE-2025-70841
Dokans Multi-Tenancy Based eCommerce Platform SaaS version 3.9.2 is vulnerable to unauthenticated remote access to the /script/.env file. The exposure reveals sensitive data including the Laravel APP_KEY, database credentials, SMTP/SendGrid API credentials, and internal configuration parameters, ...
PT-2025-39883
Name of the Vulnerable Software and Affected Versions Vasion Print versions prior to 22.0.1026 Vasion Print Application versions prior to 20.0.2702 Description Vasion Print formerly PrinterLogic Virtual Appliance Host and Application deployments expose unauthenticated REST API endpoints. These...
CVE-2025-34206 Vasion Print (formerly PrinterLogic) Insecure Shared Storage Permissions
Vasion Print formerly PrinterLogic Virtual Appliance Host and Application VA and SaaS deployments mount host configuration and secret material under /var/www/efsstorage into many Docker containers with overly-permissive filesystem permissions. Files such as secrets.env, GPG-encrypted blobs in...