Lucene search
+L

11 matches found

OSV
OSV
added 2026/02/16 10:16 a.m.4 views

CVE-2026-2451 Unsafe variable evaluation in email templates

Emails sent by pretix can utilize placeholders that will be filled with customer data. For example, when name is used in an email template, it will be replaced with the buyer's name for the final email. This mechanism contained a security-relevant bug: It was possible to exfiltrate information...

9CVSS6AI score0.00258EPSS
Exploits0References4
CNVD
CNVD
added 2025/09/11 12:0 a.m.5 views

Unspecified Vulnerability in SAP NetWeaver (CNVD-2025-21160)

SAP NetWeaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform mainly for SAP applications to provide development and runtime environment. A security vulnerability exists in SAP NetWeaver, which can be exploited by an attacker to potentially...

5CVSS6.6AI score0.002EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:45 p.m.8 views

CVE-2021-32712

Shopware is an open source eCommerce platform. Versions prior to 5.6.10 are vulnerable to system information leakage in error handling. Users are recommend to update to version 5.6.10. You can get the update to 5.6.10 regularly via the Auto-Updater or directly via the download overview...

5.3CVSS6.5AI score0.01135EPSS
Exploits0References1
NVD
NVD
added 2023/12/12 9:15 p.m.43 views

CVE-2023-48225

Laf is a cloud development platform. Prior to version 1.0.0-beta.13, the control of LAF app enV is not strict enough, and in certain scenarios of privatization environment, it may lead to sensitive information leakage in secret and configmap. In ES6 syntax, if an obj directly references another...

9.1CVSS0.00796EPSS
Exploits1References3
OSV
OSV
added 2021/09/08 5:59 p.m.15 views

GHSA-QWPP-FGRJ-H78Q Exposure of Sensitive Information to an Unauthorized Actor

Shopware is an open source eCommerce platform. Versions prior to 5.6.10 are vulnerable to system information leakage in error handling. Users are recommend to update to version 5.6.10. You can get the update to 5.6.10 regularly via the Auto-Updater or directly via the download overview...

5.3CVSS5.1AI score0.01135EPSS
Exploits0References4
NVD
NVD
added 2021/06/24 9:15 p.m.17 views

CVE-2021-32712

Shopware is an open source eCommerce platform. Versions prior to 5.6.10 are vulnerable to system information leakage in error handling. Users are recommend to update to version 5.6.10. You can get the update to 5.6.10 regularly via the Auto-Updater or directly via the download overview...

5.3CVSS0.01135EPSS
Exploits0References3
Prion
Prion
added 2021/06/24 9:15 p.m.11 views

Design/Logic Flaw

Shopware is an open source eCommerce platform. Versions prior to 5.6.10 are vulnerable to system information leakage in error handling. Users are recommend to update to version 5.6.10. You can get the update to 5.6.10 regularly via the Auto-Updater or directly via the download overview...

5CVSS5.1AI score0.01135EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2021/06/24 8:50 p.m.116 views

CVE-2021-32712

CVE-2021-32712 affects Shopware (open‑source eCommerce platform). The vulnerability is an information disclosure in error handling for versions prior to 5.6.10 . An attacker could obtain leaked system information due to improper error handling. Mitigation: upgrade to version 5.6.10 (via Auto‑Upda...

5.3CVSS5.2AI score0.01135EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2020/12/18 12:0 a.m.9 views

Mitel MiContact Center Business 信息泄露漏洞

Mitel MiContact Center Business is an all-media contact center platform from Mitel Canada. The platform is used for customer communication, production management and other scenarios. A security vulnerability exists in Mitel MiContact Center Business prior to version 9.3.0.0, which can be exploite...

3.3CVSS5.8AI score0.00272EPSS
Exploits0References2
OSV
OSV
added 2020/07/28 3:15 p.m.4 views

CVE-2020-13918

Incorrect access control in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to leak system information that can be used for a jailbreak via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R71...

7.5CVSS7.1AI score
Exploits0References1
CNVD
CNVD
added 2018/06/03 12:0 a.m.1 views

cscms V4.1.8 version exists arbitrary file download vulnerability

Cscms is a diversified content management system developed using PHP5+MYSQL as the technical basis. cscms V4.1.8 version of the existence of arbitrary file download vulnerability, attackers can use the vulnerability to download arbitrary files, resulting in system information leakage...

6.8AI score
Exploits0
Rows per page
Query Builder