4 matches found
EUVD-2026-19469
HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to 25.0.0, the /server-status endpoint is publicly accessible and exposes sensitive information including authentication tokens usertoken, user activity, client IP addresses, and server configuration details. This allows a...
EUVD-2021-25578
Malware in sbrugna...
CVE-2025-54832
OPEXUS FOIAXpress Public Access Link PAL, version v11.1.0, allows an authenticated user to add entries to the list of states and territories...
CVE-2025-27604
XWiki Confluence Migrator Pro helps admins to import confluence packages into their XWiki instance. The homepage of the application is public which enables a guest to download the package which might contain sensitive information. This vulnerability is fixed in 1.11.7...