Lucene search
K

7 matches found

Positive Technologies
Positive Technologies
added 2026/03/07 12:0 a.m.7 views

PT-2026-23863

Name of the Vulnerable Software and Affected Versions UptimeFlare versions prior to commit 377a596 Description UptimeFlare, a serverless uptime monitoring and status page solution powered by Cloudflare Workers, had a configuration issue. The uptime.config.ts file exported both pageConfig intended...

7.5CVSS5.8AI score0.00286EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/02/27 10:14 a.m.7 views

CVE-2026-1694

HTTP headers are added by the default configuration of IIS and ASP.net, and are not removed at the deployment phase of the webservices used by the WebVue, WebScheduler, TouchVue and SnapVue features of PcVue in version 12.0.0 through 16.3.3 included. It unnecessarily exposes sensitive information...

4.3CVSS5.9AI score0.00168EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/26 9:30 a.m.8 views

EUVD-2026-8838

HTTP headers are added by the default configuration of IIS and ASP.net, and are not removed at the deployment phase of the webservices used by the WebVue, WebScheduler, TouchVue and SnapVue features of PcVue in version 12.0.0 through 16.3.3 included. It unnecessarily exposes sensitive information...

2.3CVSS5.3AI score0.00168EPSS
Exploits0References2
OSV
OSV
added 2026/02/17 6:54 p.m.3 views

GHSA-G7VW-F8P5-C728 Pterodactyl Panel Allows Cross-Node Server Configuration Disclosure via Remote API Missing Authorization

Summary A missing authorization check in multiple controllers allows any user with access to a node secret token to fetch information about any server on a Pterodactyl instance, even if that server is associated with a different node. This issue stems from missing logic to verify that the node...

9.2CVSS5.8AI score0.00316EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/07/11 1:28 a.m.12 views

CVE-2025-34084

An unauthenticated information disclosure vulnerability exists in the WordPress Total Upkeep plugin also known as BoldGrid Backup prior to version 1.14.10. The plugin exposes multiple endpoints that allow unauthenticated users to retrieve detailed server configuration env-info.php and discover...

9.2CVSS7.9AI score
Exploits1References1
OSV
OSV
added 2021/09/27 6:15 a.m.3 views

CVE-2021-41385

The third party intelligence connector in Securonix SNYPR 6.3.1 Build 1842950302 allows an authenticated user to obtain access to server configuration details via SSRF...

6.5CVSS5.8AI score0.00675EPSS
Exploits0References1
CERT
CERT
added 2004/11/03 12:0 a.m.17 views

MailPost discloses sensitive system information when operating in debug mode

Overview A vulnerability is reported to exist in MailPost version 5.1.1sv and possibly earlier versions that may permit a remote attacker to gain sensitive information about the server configuration and environment.. Description According to the ProCheckUp report, MailPost contains a vulnerabilit...

7.1AI score
Exploits0References1
Rows per page
Query Builder