6 matches found
CVE-2024-41734 Missing Authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform
Due to missing authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform, an authenticated attacker could call an underlying transaction, which leads to disclosure of user related information. There is no impact on integrity or availability...
CVE-2023-28950
CVE-2023-28950 affects IBM MQ 8.0, 9.0, 9.1, 9.2, and 9.3, allowing disclosure of sensitive user information from a trace file when tracing is enabled. The primary public references list IBM MQ-related advisories and remediation paths: IBM Security Bulletin for App Connect Enterprise/Integration ...
CVE-2023-29203 Unauthenticated user can have information about hidden users on subwikis through uorgsuggest.vm
XWiki Commons are technical libraries common to several other top level XWiki projects. It's possible to list some users who are normally not viewable from subwiki by requesting users on a subwiki which allows only global users with uorgsuggest.vm. This issue only concerns hidden users from main...
CVE-2021-33484
An issue was discovered in CommentsService.ashx in OnyakTech Comments Pro 3.8. An attacker can download a copy of the installer, decompile it, and discover a hardcoded IV used to encrypt the username and userid in the comment POST request. Additionally, the attacker can decrypt the encrypted...
LocalTapiola: User Information Disclosure via Json response
User Information Disclosure via Json response on a specific api end point POC URL: https://www.lahitapiolarahoitus.fi/wp-json/wp/v2/users/ Refernce: https://wpvulndb.com/wordpresses/462 Impact attacker can user those info for advance attack as bruteforce login...
PhpMyFAQ 1.5.1 multiple vulnerabilities
2.31 23/09/2005 PhpMyFaq 1.5.1 SQL injection / board takeover / user info disclosure / path disclosure remote code / commands execution software: site: http://www.phpmyfaq.de/ description: "phpMyFAQ is a multilingual, completely database-driven FAQ-system. It supports various databases to store a...