PT-2024-24175 · Dotcms · Dotcms

Name of the Vulnerable Software and Affected Versions: dotCMS affected versions not specified Description: The issue is related to the System-Maintenance- Log Files in the dotCMS dashboard, which is providing the username/password for database connections in the log output. This is considered a...

Remote file inclusion

Local file inclusion in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to traverse directories and read sensitive files via the Maintenance Logs menu and manipulating the file-path in the URL...