283 matches found
PT-2026-5393
Improper handling of filenames in certain HIKSEMI NAS products may lead to the exposure of sensitive system files...
Hiksemi NAS security vulnerabilities
HIKSEMI NAS is a private cloud storage device of China’s HIKSEMI Corporation. There is a security vulnerability in HIKSEMI NAS, which stems from improper handling of file names, potentially leading to the disclosure of sensitive system files...
PT-2026-4373
Name of the Vulnerable Software and Affected Versions WP FullCalendar versions through 1.6 Description A flaw exists in WP FullCalendar that allows the retrieval of embedded sensitive data. This issue potentially exposes sensitive system information to unauthorized access. Recommendations Update ...
PT-2026-4034
Name of the Vulnerable Software and Affected Versions Dimitri Grassi Salon booking system versions prior to and including 10.30.3 Description The Salon booking system contains a flaw that allows the retrieval of embedded sensitive data, potentially exposing system information to unauthorized...
Yodinfo Mini Mouse path traversal vulnerability
Yodinfo Mini Mouse is a mobile remote control application developed by Yodinfo in China. The version 9.3.0 of Yodinfo Mini Mouse contains a path traversal vulnerability. This vulnerability stems from the use of device information endpoints that allow for path traversal, potentially leading to...
Qnap QTS and QuTS hero Exposure of Sensitive System Information to an Unauthorized Control Sphere (CVE-2025-9110)
An exposure of sensitive system information to an unauthorized control sphere vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to read application data. We have already fixed the vulnerability in the followin...
Kyocera Command Center RX 路径遍历漏洞
Kyocera Command Center RX is a centralized printer management tool from Kyocera, Japan. The product is primarily used to manage and monitor printers on a local area network LAN. A path traversal vulnerability exists in Kyocera Command Center RX that stems from the presence of directory traversal,...
CVE-2022-35203
An access control issue in TrendNet TV-IP572PI v1.0 allows unauthenticated attackers to access sensitive system information...
WordPress plugin Poptics 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
CVE-2025-68494
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor allows Retrieve Embedded Sensitive Data.This issue affects Premium Addons for Elementor: from n/a through = 4.11.53...
Kentico Xperience Information Disclosure Vulnerability
Kentico Xperience is a digital experience platform from Kentico. Kentico Xperience suffers from an information disclosure vulnerability that originates in the Live Site Part Properties dialog box that could disclose sensitive system objects and can be exploited by an attacker to cause unauthorize...
CVE-2025-68576
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Virusdie Virusdie virusdie allows Retrieve Embedded Sensitive Data.This issue affects Virusdie: from n/a through = 1.1.6...
EUVD-2025-204788
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Vikas Ratudi VPSUForm allows Retrieve Embedded Sensitive Data.This issue affects VPSUForm: from n/a through 3.2.24...
CVE-2025-11545
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Sharp Display Solutions projectors allows a attacker may improperly access the HTTP server and execute arbitrary actions...
CVE-2019-25230
An information disclosure vulnerability in Kentico Xperience allows authenticated users to view sensitive system objects through the live site widget properties dialog. Attackers can exploit this vulnerability to access unauthorized system information without proper access controls...
CVE-2019-25230
An information disclosure vulnerability in Kentico Xperience allows authenticated users to view sensitive system objects through the live site widget properties dialog. Attackers can exploit this vulnerability to access unauthorized system information without proper access controls...
CVE-2019-25230 Kentico Xperience <= 12.0.0 User Widget Information Disclosure
An information disclosure vulnerability in Kentico Xperience allows authenticated users to view sensitive system objects through the live site widget properties dialog. Attackers can exploit this vulnerability to access unauthorized system information without proper access controls...
Kentico Xperience 安全漏洞
Kentico Xperience is a digital experience platform from Kentico. Kentico Xperience suffers from an information disclosure vulnerability that originates in the Live Site Part Properties dialog box that could disclose sensitive system objects and can be exploited by an attacker to cause unauthorize...
PT-2025-52296
An information disclosure vulnerability in Kentico Xperience allows authenticated users to view sensitive system objects through the live site widget properties dialog. Attackers can exploit this vulnerability to access unauthorized system information without proper access controls...
PT-2025-52176
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in wpweb Follow My Blog Post follow-my-blog-post allows Retrieve Embedded Sensitive Data.This issue affects Follow My Blog Post: from n/a through = 2.3.9...