10 matches found
CVE-2023-48708
CodeIgniter Shield is an authentication and authorization provider for CodeIgniter 4. In affected versions successful login attempts are recorded with the raw tokens stored in the log table. If a malicious person somehow views the data in the log table they can obtain a raw token which can then b...
CVE-2024-30896
InfluxDB OSS 2.x through 2.7.11 stores the administrative operator token under the default organization which allows authorized users with read access to the authorization resource of the default organization to retrieve the operator token. InfluxDB OSS 1.x, Enterprise, Cloud, Cloud Dedicated and...
InfluxData InfluxDB 安全漏洞
InfluxData InfluxDB is a Go-based development of temporal databases from InfluxData, USA. A security vulnerability exists in InfluxData InfluxDB version 2.7.10 and earlier, which stems from a vulnerability that allows an allAccess administrator to retrieve all raw tokens via the influx auth ls...
CVE-2024-30896
CVE-2024-30896 affects InfluxDB OSS 2.x up to 2.7.11, where the administrative operator token is stored under the default organization. This allows authorized users with read access to the default organization’s authorization resource to retrieve the operator token, enabling potential privilege e...
CVE-2024-30896
InfluxDB OSS 2.x through 2.7.11 stores the administrative operator token under the default organization which allows authorized users with read access to the authorization resource of the default organization to retrieve the operator token. InfluxDB OSS 1.x, Enterprise, Cloud, Cloud Dedicated and...
CVE-2024-30896
InfluxDB OSS 2.x through 2.7.11 stores the administrative operator token under the default organization which allows authorized users with read access to the authorization resource of the default organization to retrieve the operator token. InfluxDB OSS 1.x, Enterprise, Cloud, Cloud Dedicated and...
CVE-2023-48708
CodeIgniter Shield is an authentication and authorization provider for CodeIgniter 4. In affected versions successful login attempts are recorded with the raw tokens stored in the log table. If a malicious person somehow views the data in the log table they can obtain a raw token which can then b...
CVE-2023-48708 Insertion of Sensitive Information into Log in codeigniter4/shield
CodeIgniter Shield is an authentication and authorization provider for CodeIgniter 4. In affected versions successful login attempts are recorded with the raw tokens stored in the log table. If a malicious person somehow views the data in the log table they can obtain a raw token which can then b...
Insertion of Sensitive Information into Log
Impact If successful login attempts are recorded, the raw tokens are stored in the log table. If a malicious person somehow views the data in the log table, he or she can obtain a raw token, which can then be used to send a request with that user's authority. When you 1 use the following...
GHSA-J72F-H752-MX4W Insertion of Sensitive Information into Log
Impact If successful login attempts are recorded, the raw tokens are stored in the log table. If a malicious person somehow views the data in the log table, he or she can obtain a raw token, which can then be used to send a request with that user's authority. When you 1 use the following...