Lucene search
K

6 matches found

Cvelist
Cvelist
added 2024/08/13 4:18 a.m.38 views

CVE-2024-41734 Missing Authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform

Due to missing authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform, an authenticated attacker could call an underlying transaction, which leads to disclosure of user related information. There is no impact on integrity or availability...

4.3CVSS0.00262EPSS
Exploits0References2
CVE
CVE
added 2023/05/19 3:20 p.m.99 views

CVE-2023-28950

CVE-2023-28950 affects IBM MQ 8.0, 9.0, 9.1, 9.2, and 9.3, allowing disclosure of sensitive user information from a trace file when tracing is enabled. The primary public references list IBM MQ-related advisories and remediation paths: IBM Security Bulletin for App Connect Enterprise/Integration ...

5.5CVSS5AI score0.00177EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/04/15 3:17 p.m.30 views

CVE-2023-29203 Unauthenticated user can have information about hidden users on subwikis through uorgsuggest.vm

XWiki Commons are technical libraries common to several other top level XWiki projects. It's possible to list some users who are normally not viewable from subwiki by requesting users on a subwiki which allows only global users with uorgsuggest.vm. This issue only concerns hidden users from main...

3.7CVSS5.3AI score0.00693EPSS
Exploits1References5
Cvelist
Cvelist
added 2021/09/07 4:59 a.m.26 views

CVE-2021-33484

An issue was discovered in CommentsService.ashx in OnyakTech Comments Pro 3.8. An attacker can download a copy of the installer, decompile it, and discover a hardcoded IV used to encrypt the username and userid in the comment POST request. Additionally, the attacker can decrypt the encrypted...

7.6AI score0.00892EPSS
Exploits1References2
Hacker One
Hacker One
added 2018/04/11 10:51 a.m.39 views

LocalTapiola: User Information Disclosure via Json response

User Information Disclosure via Json response on a specific api end point POC URL: https://www.lahitapiolarahoitus.fi/wp-json/wp/v2/users/ Refernce: https://wpvulndb.com/wordpresses/462 Impact attacker can user those info for advance attack as bruteforce login...

1.3AI score
Exploits0
securityvulns
securityvulns
added 2005/09/26 12:0 a.m.33 views

PhpMyFAQ 1.5.1 multiple vulnerabilities

2.31 23/09/2005 PhpMyFaq 1.5.1 SQL injection / board takeover / user info disclosure / path disclosure remote code / commands execution software: site: http://www.phpmyfaq.de/ description: "phpMyFAQ is a multilingual, completely database-driven FAQ-system. It supports various databases to store a...

Exploits0
Rows per page
Query Builder