Lucene search
K

27 matches found

Veracode
Veracode
added 2022/11/16 3:57 p.m.37 views

Information Disclosure

Liferay Portal is vulnerable to information disclosure. The vulnerability exists because of including the LDAP credential in the page URL when paginating through the list of users which allows an attacker to access to the request logs to see the LDAP credential...

5.9CVSS5.5AI score0.00466EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2022/11/15 2:15 a.m.32 views

CVE-2022-42132

The Test LDAP Users functionality in Liferay Portal 7.0.0 through 7.4.3.4, and Liferay DXP 7.0 fix pack 102 and earlier, 7.1 before fix pack 27, 7.2 before fix pack 17, 7.3 before update 4, and DXP 7.4 GA includes the LDAP credential in the page URL when paginating through the list of users, whic...

5.9CVSS0.00466EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/08/28 12:0 a.m.8 views

WordPress plugin LOGIN AND REGISTRATION ATTEMPTS LIMIT 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

6.5CVSS6.6AI score0.00209EPSS
Exploits0References3
Imperva Blog
Imperva Blog
added 2020/06/09 11:45 a.m.58 views

Smart Mesh Topology Boosts Capacity and Performance

Recently we introduced our advanced architectural topology for ensuring that traffic inspection and request logs are maintained within the region. This capability is especially beneficial to our customers who need to meet certain regional compliance requirements, as is the case in Australia and...

Exploits0
Tenable Nessus
Tenable Nessus
added 2010/07/01 12:0 a.m.45 views

Fedora 13 : boa-0.94.14-0.15.rc21.fc13 (2010-7599)

This update fixes CVE-2009-4496 where HTTP request logs were written without sanitizing non-printable characters. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it...

5CVSS8.3AI score0.12078EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2010/07/01 12:0 a.m.47 views

Fedora 12 : boa-0.94.14-0.15.rc21.fc12 (2010-7640)

This update fixes CVE-2009-4496 where HTTP request logs were written without sanitizing non-printable characters. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it...

5CVSS8.3AI score0.12078EPSS
Exploits2References3
Exploit DB
Exploit DB
added 2000/06/09 12:0 a.m.20 views

RedHat 6.2 - Piranha Virtual Server Package Plaintext Password

source: https://www.securityfocus.com/bid/1367/info Password changes submitted to Red Hat Piranha via HTTP are insecurely passed as variables in a GET request. Unauthorized users could obtain the password by reading the httpd access log or by sniffing. ---------from...

7.4AI score
Exploits0
Rows per page
Query Builder