7 matches found
CVE-2026-40699
CVE-2026-40699 – BIG-IP Configuration utility vulnerability : The F5 security advisory describes a vulnerability in undisclosed pages of the BIG-IP Configuration utility that can be exploited by a low-privileged authenticated attacker with network access through the BIG-IP management port or self...
Path Traversal in io.hawt:project
hawtio before versions 2.0-beta-1, 2.0-beta-2, 2.0-m1, 2.0-m2, 2.0-m3, and 1.5 are vulnerable to a path traversal that leads to a NullPointerException with a full stacktrace. An attacker could use this flaw to gather undisclosed information from within hawtio's root...
WordPress Plugin Live Chat Unlimited Cross-Site Scripting Vulnerability
WordPress is a blogging platform based on the PHP language, which can be used to set up a website on a server that supports PHP and MySQL databases, and can also be used as a content management system CMS. A cross-site scripting vulnerability exists in the WordPress plugin Live Chat Unlimited,...
CVE-2017-2594
hawtio before versions 2.0-beta-1, 2.0-beta-2 2.0-m1, 2.0-m2, 2.0-m3, and 1.5 is vulnerable to a path traversal that leads to a NullPointerException with a full stacktrace. An attacker could use this flaw to gather undisclosed information from within hawtio's root...
CVE-2017-2594
hawtio before versions 2.0-beta-1, 2.0-beta-2 2.0-m1, 2.0-m2, 2.0-m3, and 1.5 is vulnerable to a path traversal that leads to a NullPointerException with a full stacktrace. An attacker could use this flaw to gather undisclosed information from within hawtio's root...
CVE-2017-2594
hawtio before versions 2.0-beta-1, 2.0-beta-2 2.0-m1, 2.0-m2, 2.0-m3, and 1.5 is vulnerable to a path traversal that leads to a NullPointerException with a full stacktrace. An attacker could use this flaw to gather undisclosed information from within hawtio's root...
Microsoft IIS Short Filename Information Disclosure
An information disclosure vulnerability has been reported in Microsoft IIS. The vulnerability is due to an error in the way Microsoft IIS handles specially crafted URLs. A remote attacker can leverage this vulnerability to view undisclosed information stored on the server...