EUVD-2025-209513

Exposure of Private Personal Information to an Unauthorized Actor, : Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Sparx Systems Pty Ltd. Sparx Pro Cloud Server. Unauthenticated user can retrieve database password in plaintext in certain situations...

CVE-2025-15623 Sparx Pro Cloud Server reveals sensitive information to an unauthenticated user

Exposure of Private Personal Information to an Unauthorized Actor, : Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Sparx Systems Pty Ltd. Sparx Pro Cloud Server. Unauthenticated user can retrieve database password in plaintext in certain situations...

CVE-2025-15623

Sparx Pro Cloud Server is affected by CVE-2025-15623, where an unauthenticated user can retrieve the database password in plaintext in certain scenarios. The issue is described as exposure of private personal information and sensitive system information to an unauthorized actor, with the CVSS v4....

Server side request forgery (ssrf)

Bulb Security Smartphone Pentest Framework SPF before 0.1.3 does not properly restrict access to frameworkgui/config, which allows remote attackers to obtain the plaintext database password via a direct request...

Aardvark Topsites 4.1.0 Vulnerabilities

Vendor : Aardvarkind URL : http://www.aardvarkind.com Version : Aardvark Topsites PHP 4.1.0 Risk : Multiple Vulnerabilities Description: Aardvark Topsites is a popular free PHP topsites script. See URL for details. Plaintext Database Pass Weakness: The login info for the database being used by...