CVE-2020-20472

White Shark System WSS 1.3.2 has a sensitive information disclosure vulnerability. The ifgetaddbook.php file does not have an authentication operation. Remote attackers can obtain username information for all users of the current site...

CVE-2024-51477 IBM InfoSphere Information Server information disclosure

IBM InfoSphere Information Server 11.7 could allow an authenticated to obtain sensitive username information due to an observable response discrepancy...

CVE-2023-37413 IBM Aspera Faspex information disclosure

IBM Aspera Faspex 5.0.0 through 5.0.10 could disclose sensitive username information due to an observable response discrepancy...

Moodle allows attackers to obtain username and course information

Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 does not enforce certain capability requirements in 1 notes/index.php and 2 user/edit.php, which allows remote attackers to obtain potentially sensitive username and course information via a...

CVE-2020-20472

White Shark System WSS 1.3.2 has a sensitive information disclosure vulnerability. The ifgetaddbook.php file does not have an authentication operation. Remote attackers can obtain username information for all users of the current site...

Information disclosure

White Shark System WSS 1.3.2 has a sensitive information disclosure vulnerability. The ifgetaddbook.php file does not have an authentication operation. Remote attackers can obtain username information for all users of the current site...

CVE-2020-20472

CVE-2020-20472 affects White Shark System (WSS) 1.3.2. The vulnerability is in if_get_addbook.php, which operates without authentication, allowing remote attackers to obtain username information for all users on the current site. The condition arises from lack of access control on that endpoint (...

CVE-2016-3170

The "have you forgotten your password" links in the User module in Drupal 7.x before 7.43 and 8.x before 8.0.4 allow remote attackers to obtain sensitive username information by leveraging a configuration that permits using an email address to login and a module that permits logging in...

CVE-2016-3170

Removed by vendor...

CVE-2016-0864

Tollgrade SmartGrid LightHouse Sensor Management System SMS Software EMS before 5.1, and 4.1.0 Build 16, allows remote attackers to obtain sensitive report and username information via unspecified vectors...

WordPress Multiple Vulnerabilities (Jul 2009)

WordPress is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescripti...

WordPress / WordPress MU Multiple Vulnerabilities (Jul 2009)

WordPress / WordPress MU is prone to multiple vulnerabilities SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-1056-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...