4 matches found
CVE-2026-27610
In Parse Dashboard, versions 7.3.0-alpha.42 through 9.0.0-alpha.7 have a vulnerability where the ConfigKeyCache uses the same cache key for both the master key and the read-only master key when resolving function-typed keys. Under specific timing conditions, this can allow a read-only user to obt...
Design/Logic Flaw
The Download Manager WordPress plugin before 6.3.0 leaks master key information without the need for a password, allowing attackers to download arbitrary password-protected package files...
Download Manager Pro < 6.3.0 - Unauthenticated Sensitive Information Disclosure
The plugin leaks master key information without the need for a password, allowing attackers to download arbitrary password-protected package files. PoC - Create a password protected package containing one or more files. - Navigate to the download page of the package e.g. /download/package1 -...
PT-2016-1330 · Openssl +6 · Openssl +7
Name of the Vulnerable Software and Affected Versions: OpenSSL versions prior to 0.9.8zf OpenSSL versions prior to 1.0.0r OpenSSL versions prior to 1.0.1m OpenSSL versions prior to 1.0.2a Description: The issue allows man-in-the-middle attackers to determine the MASTER-KEY value and decrypt TLS...