11 matches found
CVE-2019-25338
DokuWiki 2018-04-22b contains a username enumeration vulnerability in its password reset functionality that allows attackers to identify valid user accounts. Attackers can submit different usernames to the password reset endpoint and distinguish between existing and non-existing accounts by...
CVE-2024-41674
CKAN is an open-source data management system for powering data hubs and data portals. If there were connection issues with the Solr server, the internal Solr URL potentially including credentials could be leaked to packagesearch calls as part of the returned error message. This has been patched ...
AZL-53195 CVE-2024-10977 affecting package postgresql for versions less than 14.14-1
Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS settings to furnish arbitrary non-NUL bytes to the libpq application. For example, a man-in-the-middle attacker could send a long error message that a human or screen-scraper user of psql mistake...
PostgreSQL Security Vulnerability
PostgreSQL is a free object-relational database management system from the PostgreSQL organization. The system supports most of the SQL standards and provides many other features such as foreign keys, triggers, views, and more. A security vulnerability exists in PostgreSQL that stems from...
SAP Enable Now Information Disclosure Vulnerability (CNVD-2020-09646)
SAP Enable Now is a collaborative content creation, management and sharing platform from SAP. The platform is mainly used for online learning and training in SAP and non-SAP systems. An information disclosure vulnerability exists in SAP Enable Now. An attacker could exploit this vulnerability to...
Information disclosure
SAP Enable Now, before version 1911, leaks information about network configuration in the server error messages, leading to Information Disclosure...
CVE-2019-0404
SAP Enable Now, before version 1911, leaks information about network configuration in the server error messages, leading to Information Disclosure...
XOOPS 2.0 XoopsOption Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7149/info XOOPS has been reported vulnerable to an information disclosure vulnerability. According to the report, path information and other sensitive data may be output in server error messages. Information obtained in...
Information disclosure
IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3 allows remote authenticated users to obtain sensitive stack-trace information from CM server error messages via an invalid parameter...
CVE-2004-2150
Nettica Corporation INTELLIPEER Email Server 1.01 displays different error messages for valid and invalid account names, which allows remote attackers to determine valid account names...
XOOPS 2.0 XoopsOption - Information Disclosure
XOOPS 2.0 XoopsOption - Information Disclosure source: https://www.securityfocus.com/bid/7149/info XOOPS has been reported vulnerable to an information disclosure vulnerability. According to the report, path information and other sensitive data may be output in server error messages. Information...