5 matches found
CVE-2025-24980 Pimcore Admin Classic Bundle allows user enumeration
pimcore/admin-ui-classic-bundle provides a Backend UI for Pimcore. In affected versions an error message discloses existing accounts and leads to user enumeration on the target via "Forgot password" function. No generic error message has been implemented. This issue has been addressed in version...
PT-2024-5223 · Go-Getter +2 · Go-Getter +2
Name of the Vulnerable Software and Affected Versions: go-getter versions prior to 1.7.4 (go-getter/v2 branch and package are not affected). Description: The go-getter library is vulnerable to argument injection when executing Git to discover remote branches. An attacker may format a Git URL in orde...
Denial of Service (DoS)
Overview: Affected versions of this package are vulnerable to Denial of Service (DoS) due to a flaw in the handling of certain data inputs. An attacker can cause a denial of service by sending specially crafted data to the application. Details: Denial of Service (DoS) describes a family of attacks, all...
PT-2023-27313 · Shescape · Shescape
Name of the Vulnerable Software and Affected Versions: Shescape versions prior to 1.7.4. Description: The issue affects users of Shescape on Windows in a threaded context, allowing attackers to bypass protections by exploiting Shescape's failure to correctly escape for the expected shell. This can...
cpanel 11.x XSS / Local File Inclusion Vulnerability
No description provided by source. Script: Cpanel 11.x. Type: Local File Inclusion & Cross Site Scripting. Risk: High. Discovered by: Khashayar Fereidani. I am 17 Year...