27 matches found
Information Disclosure
Liferay Portal is vulnerable to information disclosure. The vulnerability exists because of including the LDAP credential in the page URL when paginating through the list of users which allows an attacker to access to the request logs to see the LDAP credential...
CVE-2022-42132
The Test LDAP Users functionality in Liferay Portal 7.0.0 through 7.4.3.4, and Liferay DXP 7.0 fix pack 102 and earlier, 7.1 before fix pack 27, 7.2 before fix pack 17, 7.3 before update 4, and DXP 7.4 GA includes the LDAP credential in the page URL when paginating through the list of users, whic...
WordPress plugin LOGIN AND REGISTRATION ATTEMPTS LIMIT 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...
Smart Mesh Topology Boosts Capacity and Performance
Recently we introduced our advanced architectural topology for ensuring that traffic inspection and request logs are maintained within the region. This capability is especially beneficial to our customers who need to meet certain regional compliance requirements, as is the case in Australia and...
Fedora 13 : boa-0.94.14-0.15.rc21.fc13 (2010-7599)
This update fixes CVE-2009-4496 where HTTP request logs were written without sanitizing non-printable characters. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it...
Fedora 12 : boa-0.94.14-0.15.rc21.fc12 (2010-7640)
This update fixes CVE-2009-4496 where HTTP request logs were written without sanitizing non-printable characters. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it...
RedHat 6.2 - Piranha Virtual Server Package Plaintext Password
source: https://www.securityfocus.com/bid/1367/info Password changes submitted to Red Hat Piranha via HTTP are insecurely passed as variables in a GET request. Unauthorized users could obtain the password by reading the httpd access log or by sniffing. ---------from...