8 matches found
FreeScout 安全漏洞
FreeScout is a lightweight and powerful free open-source help desk and shared inbox built using PHP Laravel framework by FreeScout Inc. Versions of FreeScout prior to 1.8.215 contained security vulnerabilities. These vulnerabilities stemmed from the fact that restrictions were only applied to...
CVE-2026-31841
Hyperterse is a tool-first MCP framework for building AI-ready backend surfaces from declarative config. Prior to v2.2.0, the search tool allows LLMs to search for tools using natural language. While returning results, Hyperterse also returned the raw SQL queries, exposing statements which were...
How safe are kids using social media? We did the groundwork
When researchers created an account for a child under 13 on Roblox, they expected heavy guardrails. Instead, they found that the platform’s search features still allowed kids to discover communities linked to fraud and other illicit activity. The discoveries spotlight the question that lawmakers...
UBUNTU-CVE-2025-3628
A flaw has was found in Moodle where anonymous assignment submissions can be de-anonymized via search, revealing student identities...
Moodle 安全漏洞
Moodle is a free e-learning software platform open-sourced by Moodle, also known as a course management system, learning management system, or virtual learning environment. A security vulnerability exists in Moodle that stems from tags not being properly hidden, where a user may find tags that...
CVE-2024-11297
The Page Restriction WordPress WP – Protect WP Pages/Post plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.6 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from pos...
CVE-2020-17477
Incorrect LDAP ACLs in ucs-school-ldap-acls-master in UCS@school before 4.4v5-errata allow remote teachers, staff, and school administrators to read LDAP password hashes sambaNTPassword, krb5Key, sambaPasswordHistory, and pwhistory via LDAP search requests. For example, a teacher can gain...
GHSA-279F-QWGH-H5MP Jenkins does not exclude sensitive build variables from search
Jenkins allows filtering builds in the build history widget by specifying an expression that searches for matching builds by name, description, parameter values, etc. Jenkins 2.50 through 2.423 both inclusive, LTS 2.60.1 through 2.414.1 both inclusive does not exclude sensitive build variables...