Lucene search
+L

7 matches found

Patchstack
Patchstack
added 2025/11/03 9:10 p.m.14 views

WordPress Post SMTP plugin <= 3.6.0 - Missing Authorization to Account Takeover via Unauthenticated Email Log Disclosure vulnerability

Missing Authorization to Account Takeover via Unauthenticated Email Log Disclosure vulnerability discovered by netranger in WordPress Plugin Post SMTP versions = 3.6.0...

9.8CVSS7AI score0.51507EPSS
Exploits1References1Affected Software1
Packet Storm
Packet Storm
added 2024/10/23 12:0 a.m.371 views

ABB Cylon Aspect 3.08.01 throttledLog.php Unauthenticated Log Disclosure

ABB Cylon Aspect 3.08.01 throttledLog.php Unauthenticated Log Disclosure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/23 12:0 a.m.348 views

ABB Cylon Aspect 3.08.01 logCriticalLookup.php Unauthenticated Log Disclosure

ABB Cylon Aspect 3.08.01 logCriticalLookup.php Unauthenticated Log Disclosure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy...

7.4AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/10/22 12:0 a.m.355 views

ABB Cylon Aspect 3.08.01 (throttledLog.php) Unauthenticated Log Disclosure

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an unauthenticated log...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/10/22 12:0 a.m.355 views

ABB Cylon Aspect 3.08.01 (logCriticalLookup.php) Unauthenticated Log Disclosure

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an unauthenticated log...

5.8AI score
Exploits0
Cvelist
Cvelist
added 2023/10/16 7:39 p.m.44 views

CVE-2023-5003 Active Directory Integration < 4.1.10 - Unauthenticated Log Disclosure

The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.10 stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains accessible to any users knowing the URL to do so...

7.8AI score0.25855EPSS
Exploits2References1
WPVulnDB
WPVulnDB
added 2023/09/25 12:0 a.m.20 views

Active Directory Integration < 4.1.10 - Unauthenticated Log Disclosure

Description The plugin stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains accessible to any users knowing the URL to do so. PoC This requires the plugin's Log Authentication Requests setting to be...

7.5CVSS7.9AI score0.25855EPSS
Exploits2Affected Software1
Rows per page
Query Builder