CVE-2022-1585

The Project Source Code Download WordPress plugin through 1.0.0 does not protect its backup generation and download functionalities, which may allow any visitors on the site to download the entire site, including sensitive files like wp-config.php...

Pharmacy Management System version 1.0 Insecure Settings

==================================================================================================================================== | Title : Pharmacy Management System version 1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

BIT-GITLAB-2023-3413 Insertion of Sensitive Information Into Sent Data in GitLab

An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to read the source code of a project through a fork created before changing visibility to...

Design/Logic Flaw

The Project Source Code Download WordPress plugin through 1.0.0 does not protect its backup generation and download functionalities, which may allow any visitors on the site to download the entire site, including sensitive files like wp-config.php...

WordPress plugin Project Source Code Download 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

FreeBSD : Gitlab -- Multiple Vulnerabilities (c5bd9068-440f-11ea-9cdb-001b217b3468)

Gitlab reports : Path Traversal to Arbitrary File Read User Permissions Not Validated in ProjectExportWorker XSS Vulnerability in File API Package and File Disclosure through GitLab Workhorse XSS Vulnerability in Create Groups Issue and Merge Request Activity Counts Exposed Email Confirmation...

Gitlab -- Multiple Vulnerabilities

Gitlab reports: Path Traversal to Arbitrary File Read User Permissions Not Validated in ProjectExportWorker XSS Vulnerability in File API Package and File Disclosure through GitLab Workhorse XSS Vulnerability in Create Groups Issue and Merge Request Activity Counts Exposed Email Confirmation Bypa...

Format string

Omron CX-One CX-Programmer before 9.6 uses a reversible format for password storage in project source-code files, which makes it easier for local users to obtain sensitive information by reading a file...