GO-2025-4062 Mattermost Server exposes information stored by a web browser in github.com/mattermost/mattermost-server

Mattermost Server exposes information stored by a web browser in github.com/mattermost/mattermost-server...

CVE-2024-8464

CVE-2024-8464 describes a SQL injection in PHPGurukul Job Portal version 1.0 through the JOBREGID parameter in /jobportal/admin/applicants/controller.php, enabling retrieval of stored data. Affected software is the PHPGurukul Job Portal (v1.0). The root cause is improper input handling leading to...

CVE-2024-4991 SQL injection vulnerability in SiAdmin

Vulnerability in SiAdmin 1.1 that allows SQL injection via the /modul/modpass/aksipass.php parameter in namalengkap. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the system and retrieve all the information stored in it...

CVE-2023-37530 A cross-site scripting (XSS) vulnerability affects HCL BigFix Platform

A cross-site scripting XSS vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an attacker to execute malicious javascript code into a webpage trying to retrieve cookie stored information...

Authentication flaw

An attacker could send an HTTP request to an Open5GS endpoint and retrieve the information stored on the device due to the lack of Authentication...

SOFTCREATE L2Blocker authentication error vulnerability

SOFTCREATE L2Blocker is a device type security system from SOFTCREATE Japan. It detects and blocks unauthorized connections from network devices to the internal network to prevent information leakage.An authentication error vulnerability exists in SOFTCREATE L2Blockeron-premise version 4.8.5 and...

Authentication flaw

Authentication bypass vulnerability in the setup screen of L2Blockeron-premise Ver4.8.5 and earlier and L2BlockerCloud Ver4.8.5 and earlier allows an adjacent attacker to perform an unauthorized login and obtain the stored information or cause a malfunction of the device by using alternative path...

CVE-2021-20802

HTTP header injection vulnerability in Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote attacker to alter the information stored in the product...

CVE-2021-20802

HTTP header injection vulnerability in Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote attacker to alter the information stored in the product...

CVE-2020-7036

An XML External Entities XXEvulnerability in Callback Assist could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. The affected versions of Callback Assist includes all 4.0.x versions before 4.7.1.1 Patch 7...

Xxe

A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system. The vulnerability is due to improper handling of XML External Entity XXE entries when parsing certain XML...

CVE-2019-15983

A vulnerability in the SOAP API of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. To exploit this vulnerability, an attacker would need administrative privileges on the DCNM application...

Cross site scripting

Pixar's Tractor software, versions 2.2 and earlier, contain a stored cross-site scripting vulnerability in the field that allows a user to add a note to an existing node. The stored information is displayed when a user requests information about the node. An attacker could insert Javascript into...

The vulnerability of the software for Cisco WebEx Meetings Server allows a hacker to gain read-only access to certain information stored in the system.

The vulnerability of the XML External Entity component of the Cisco WebEx Meetings Server software relates to incorrect restrictions on XML references to external objects. Exploiting this vulnerability could allow a malicious actor to gain read access to certain information stored in the system...

Oxford University launches Cyber Security Centre

Oxford University launches Cyber Security Centre Cyber crime is not going away. As the world becomes ever more interconnected and dependent on networks, laptops and personal handheld devices, the opportunities are just too great. The personal information stored on such devices credit card...

Mozilla Firefox / Thunderbird / Seamonkey multiple security vulonerabilities

Multiple memory corruptions, input focus stealing, code execution, stored information corruption, directory traversal, information leaks, dialog spoffing...

Parse Cookie to deceive the implementation process and the specific application-vulnerability warning-the black bar safety net

As we know, in network words, a cookie is a special information, although only the Server stored in the user's computer on a text file, but due to its content of unusual sexualand the server has some interactive sex, and often will store the user name and even password, or other sensitive...