17 matches found
MAL-2026-5471 Malicious code in getd-ui-library (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fcdbf66757b102ed524f01c498adae819b02968aa455f57316f4e08af1fb9ea0 On npm install, postinstall.js runs unconditionally scripts.postinstall = 'node postinstall.js' and sends an HTTPS GET to a hardcoded webhook.site UR...
CVE-2020-20472
White Shark System WSS 1.3.2 has a sensitive information disclosure vulnerability. The ifgetaddbook.php file does not have an authentication operation. Remote attackers can obtain username information for all users of the current site...
CVE-2024-51477 IBM InfoSphere Information Server information disclosure
IBM InfoSphere Information Server 11.7 could allow an authenticated to obtain sensitive username information due to an observable response discrepancy...
IBM Aspera Faspex Information Disclosure Vulnerability (CNVD-2025-06209)
IBM Aspera Faspex is an International Business Machines IBM solution for rapid global person-to-person document delivery and collaboration. An information disclosure vulnerability exists in IBM Aspera Faspex that stems from an observable response discrepancy that could be exploited by an attacker...
CVE-2023-37413 IBM Aspera Faspex information disclosure
IBM Aspera Faspex 5.0.0 through 5.0.10 could disclose sensitive username information due to an observable response discrepancy...
Moodle allows attackers to obtain username and course information
Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 does not enforce certain capability requirements in 1 notes/index.php and 2 user/edit.php, which allows remote attackers to obtain potentially sensitive username and course information via a...
CVE-2020-20472
White Shark System WSS 1.3.2 has a sensitive information disclosure vulnerability. The ifgetaddbook.php file does not have an authentication operation. Remote attackers can obtain username information for all users of the current site...
Information disclosure
White Shark System WSS 1.3.2 has a sensitive information disclosure vulnerability. The ifgetaddbook.php file does not have an authentication operation. Remote attackers can obtain username information for all users of the current site...
CVE-2020-20472
CVE-2020-20472 affects White Shark System (WSS) 1.3.2. The vulnerability is in if_get_addbook.php, which operates without authentication, allowing remote attackers to obtain username information for all users on the current site. The condition arises from lack of access control on that endpoint (...
Unauthorized Access Vulnerability in Manto Networks ezEIP
ezEIP is a website management system of Wando Network Technology Co. An unauthorized access vulnerability exists in Wando Networks ezEIP, which can be exploited by an attacker to obtain username information...
CVE-2016-3170
The "have you forgotten your password" links in the User module in Drupal 7.x before 7.43 and 8.x before 8.0.4 allow remote attackers to obtain sensitive username information by leveraging a configuration that permits using an email address to login and a module that permits logging in...
CVE-2016-3170
Removed by vendor...
CVE-2016-0864
Tollgrade SmartGrid LightHouse Sensor Management System SMS Software EMS before 5.1, and 4.1.0 Build 16, allows remote attackers to obtain sensitive report and username information via unspecified vectors...
Information disclosure
Tollgrade SmartGrid LightHouse Sensor Management System SMS Software EMS before 5.1, and 4.1.0 Build 16, allows remote attackers to obtain sensitive report and username information via unspecified vectors...
WordPress Multiple Vulnerabilities (Jul 2009)
WordPress is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescripti...
WordPress / WordPress MU Multiple Vulnerabilities (Jul 2009)
WordPress / WordPress MU is prone to multiple vulnerabilities SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-1056-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...