Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Cvelist
Cvelistadded 2025/08/05 11:28 p.m.8 views

CVE-2025-54124 XWiki Platform: Any user with editing rights can access password properties through Database List Properties

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki Platform Legacy Old Core and XWiki Platform Old Core versions 9.8-rc-1 through 16.4.6, 16.5.0-rc-1 through 16.10.4, and 17.0.0-rc-1 through 17.1.0, any user with editing rights can creat...

7.1CVSS0.00108EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2025/08/05 11:28 p.m.4 views

CVE-2025-54124 XWiki Platform: Any user with editing rights can access password properties through Database List Properties

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki Platform Legacy Old Core and XWiki Platform Old Core versions 9.8-rc-1 through 16.4.6, 16.5.0-rc-1 through 16.10.4, and 17.0.0-rc-1 through 17.1.0, any user with editing rights can creat...

7.1CVSS6.4AI score0.00108EPSS
Exploits1References3
OSV
OSVadded 2024/11/29 6:50 p.m.7 views

CVE-2024-53979 Ansible collection "ibm.ibm_zhmc" has passwords in clear text in log file and in output of some modules when specified as input

ibm.ibmzhmc is an Ansible collection for the IBM Z HMC. The Ansible collection "ibm.ibmzhmc" writes password-like properties in clear text into its log file and into the output returned by some of its Ansible module in the following cases: 1. The 'bootftppassword' and 'sscmasterpw' properties are...

8.2CVSS6.6AI score0.00021EPSS
Exploits0References4
Nmap
Nmapadded 2013/05/10 4:52 a.m.130 views

http-coldfusion-subzero NSE Script

Attempts to retrieve version, absolute path of administration panel and the file 'password.properties' from vulnerable installations of ColdFusion 9 and 10. This was based on the exploit 'ColdSub-Zero.pyFusion v2'. See also: http-adobe-coldfusion-apsa1301.nse http-vuln-cve2009-3960.nse...

10CVSS0.94176EPSS
Exploits33
Packet Storm
Packet Stormadded 2011/03/16 12:0 a.m.148 views

Adobe ColdFusion - Directory Traversal

$Id: coldfusiontraversal.rb 11986 2011-03-16 10:15:54Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

7.5CVSS0.94237EPSS
Exploits13
Exploit DB
Exploit DBadded 2011/03/16 12:0 a.m.86 views

Adobe ColdFusion - Directory Traversal (Metasploit)

$Id: coldfusiontraversal.rb 11974 2011-03-16 01:38:16Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

9.8CVSS9.6AI score0.94237EPSS
Exploits13
Rows per page
Query Builder