11 matches found
CVE-2026-2451 Unsafe variable evaluation in email templates
Emails sent by pretix can utilize placeholders that will be filled with customer data. For example, when name is used in an email template, it will be replaced with the buyer's name for the final email. This mechanism contained a security-relevant bug: It was possible to exfiltrate information...
Unspecified Vulnerability in SAP NetWeaver (CNVD-2025-21160)
SAP NetWeaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform mainly for SAP applications to provide development and runtime environment. A security vulnerability exists in SAP NetWeaver, which can be exploited by an attacker to potentially...
CVE-2021-32712
Shopware is an open source eCommerce platform. Versions prior to 5.6.10 are vulnerable to system information leakage in error handling. Users are recommend to update to version 5.6.10. You can get the update to 5.6.10 regularly via the Auto-Updater or directly via the download overview...
CVE-2023-48225
Laf is a cloud development platform. Prior to version 1.0.0-beta.13, the control of LAF app enV is not strict enough, and in certain scenarios of privatization environment, it may lead to sensitive information leakage in secret and configmap. In ES6 syntax, if an obj directly references another...
GHSA-QWPP-FGRJ-H78Q Exposure of Sensitive Information to an Unauthorized Actor
Shopware is an open source eCommerce platform. Versions prior to 5.6.10 are vulnerable to system information leakage in error handling. Users are recommend to update to version 5.6.10. You can get the update to 5.6.10 regularly via the Auto-Updater or directly via the download overview...
CVE-2021-32712
Shopware is an open source eCommerce platform. Versions prior to 5.6.10 are vulnerable to system information leakage in error handling. Users are recommend to update to version 5.6.10. You can get the update to 5.6.10 regularly via the Auto-Updater or directly via the download overview...
Design/Logic Flaw
Shopware is an open source eCommerce platform. Versions prior to 5.6.10 are vulnerable to system information leakage in error handling. Users are recommend to update to version 5.6.10. You can get the update to 5.6.10 regularly via the Auto-Updater or directly via the download overview...
CVE-2021-32712
CVE-2021-32712 affects Shopware (open‑source eCommerce platform). The vulnerability is an information disclosure in error handling for versions prior to 5.6.10 . An attacker could obtain leaked system information due to improper error handling. Mitigation: upgrade to version 5.6.10 (via Auto‑Upda...
Mitel MiContact Center Business 信息泄露漏洞
Mitel MiContact Center Business is an all-media contact center platform from Mitel Canada. The platform is used for customer communication, production management and other scenarios. A security vulnerability exists in Mitel MiContact Center Business prior to version 9.3.0.0, which can be exploite...
CVE-2020-13918
Incorrect access control in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to leak system information that can be used for a jailbreak via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R71...
cscms V4.1.8 version exists arbitrary file download vulnerability
Cscms is a diversified content management system developed using PHP5+MYSQL as the technical basis. cscms V4.1.8 version of the existence of arbitrary file download vulnerability, attackers can use the vulnerability to download arbitrary files, resulting in system information leakage...