28034 matches found
CVE-2026-37431
Beauty Parlour Management System v1.1 was discovered to contain a SQL injection vulnerability via the aptnumber parameter in the /appointment-detail.php endpoint. This vulnerability allows attackers to access sensitive database information via a crafted SQL statement...
CVE-2023-42344
Alkacon OpenCms before 10.5.1 allows remote unauthenticated attackers to obtain sensitive information via a cmis-online/query XXE attack on a Chemistry servlet...
PT-2026-39232
Name of the Vulnerable Software and Affected Versions Wagtail versions prior to 7.0.7 Wagtail versions prior to 7.3.2 Wagtail versions prior to 7.4 Description A CMS user lacking page editing permissions can access page revisions via the revision compare view by knowing the primary keys of two...
Alkacon OpenCMS 代码问题漏洞
Alkacon OpenCMS is a content management system developed by Alkacon Corporation. Versions of Alkacon OpenCMS prior to 10.5.1 had code vulnerabilities. These vulnerabilities stemmed from the XXE attack on the Chemistry servlet via cmis-online/query, which could allow unauthorized remote attackers ...
PT-2026-39233
Name of the Vulnerable Software and Affected Versions Wagtail versions prior to 7.0.7 Wagtail versions prior to 7.3.2 Wagtail versions prior to 7.4 Description A CMS user lacking page editing permissions can access the history report for a page, which may lead to the disclosure of sensitive...
CVE-2026-42826
Exposure of sensitive information to an unauthorized actor in Azure DevOps allows an unauthorized attacker to disclose information over a network...
Azure DevOps Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Azure DevOps allows an unauthorized attacker to disclose information over a network...
EUVD-2026-28332
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in weDevs Happy Addons for Elementor allows Retrieve Embedded Sensitive Data. This issue affects Happy Addons for Elementor: from n/a through 3.20.8...
EUVD-2024-55567
A low privileged remote attacker can gain the root password due to improper removal of sensitive information before storage or transfer...
CVE-2026-25468
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in weDevs Happy Addons for Elementor allows Retrieve Embedded Sensitive Data. This issue affects Happy Addons for Elementor: from n/a through 3.20.8...
CVE-2024-43384
A low privileged remote attacker can gain the root password due to improper removal of sensitive information before storage or transfer...
CVE-2024-43384
A low privileged remote attacker can gain the root password due to improper removal of sensitive information before storage or transfer...
CVE-2024-43384 Phoenix Contact: Improper removal of sensitive information in MGUARD products
A low privileged remote attacker can gain the root password due to improper removal of sensitive information before storage or transfer...
CVE-2024-43384 Phoenix Contact: Improper removal of sensitive information in MGUARD products
A low privileged remote attacker can gain the root password due to improper removal of sensitive information before storage or transfer...
CVE-2024-43384
The CVE-2024-43384 entry concerns Phoenix Contact MGUARD products. Affected component: the devices’ handling/storage/transfer of sensitive data. Root cause: improper removal of sensitive information before storage or transfer, enabling exposure of the root password. Impact: a low-privileged remot...
CVE-2026-25468
CVE-2026-25468 concerns the WordPress plugin Happy Addons for Elementor (weDevs) versions 3.20.8 and earlier. The description identifies a Sensitive Data Exposure vulnerability where an Unauthorized Control Sphere can Retrieve Embedded Sensitive Data, affecting Happy Addons for Elementor from n/a...
CVE-2026-25468 WordPress Happy Addons for Elementor plugin <= 3.20.8 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in weDevs Happy Addons for Elementor allows Retrieve Embedded Sensitive Data. This issue affects Happy Addons for Elementor: from n/a through 3.20.8...
CVE-2026-25468 WordPress Happy Addons for Elementor plugin <= 3.20.8 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in weDevs Happy Addons for Elementor allows Retrieve Embedded Sensitive Data. This issue affects Happy Addons for Elementor: from n/a through 3.20.8...
Spring Cloud Config Server Logged Sensitive Information
When trace logging is enabled in Spring Cloud Config Server, sensitive information is placed in plain text in the logs. - Spring Cloud Config 3.0.x: affected from 3.0.0 through 3.0.7 inclusive; no open-source upgrade available. - Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13...
GHSA-J6HH-H3CF-C2HF Spring Cloud Config Server Logged Sensitive Information
When trace logging is enabled in Spring Cloud Config Server, sensitive information is placed in plain text in the logs. - Spring Cloud Config 3.0.x: affected from 3.0.0 through 3.0.7 inclusive; no open-source upgrade available. - Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13...