8 matches found
CVE-2025-1472
Mattermost versions 9.11.x = 9.11.8 fail to properly perform authorization of the Viewer role which allows an attacker with the Viewer role configured with No Access to Reporting to still view team and site statistics...
Code injection
An issue was discovered in the viewstatistics aka View frontend statistics extension before 2.0.1 for TYPO3. It saves all GET and POST data of TYPO3 frontend requests to the database. Depending on the extensions used on a TYPO3 website, sensitive data e.g., cleartext passwords if ext:felogin is...
TYPO3 安全漏洞
TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Association. A security vulnerability exists in the TYPO3 viewstatistics extension prior to version 2.0.1, which originates from saving all GET and POST data requested by the TYPO3 front-end to a...
DEBIAN-CVE-2015-8628
The 1 Special:MyPage, 2 Special:MyTalk, 3 Special:MyContributions, 4 Special:MyUploads, and 5 Special:AllMyUploads pages in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 allow remote attackers to obtain sensitive user login information via crafted...
UBUNTU-CVE-2015-8628
The 1 Special:MyPage, 2 Special:MyTalk, 3 Special:MyContributions, 4 Special:MyUploads, and 5 Special:AllMyUploads pages in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 allow remote attackers to obtain sensitive user login information via crafted...
CVE-2015-8628
The 1 Special:MyPage, 2 Special:MyTalk, 3 Special:MyContributions, 4 Special:MyUploads, and 5 Special:AllMyUploads pages in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 allow remote attackers to obtain sensitive user login information via crafted...
Code injection
The 1 Special:MyPage, 2 Special:MyTalk, 3 Special:MyContributions, 4 Special:MyUploads, and 5 Special:AllMyUploads pages in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 allow remote attackers to obtain sensitive user login information via crafted...
CVE-2015-8628
CVE-2015-8628 affects MediaWiki pages Special:MyPage, Special:MyTalk, Special:MyContributions, Special:MyUploads, and Special:AllMyUploads. Vulnerability allows remote attackers to obtain sensitive user login information via crafted links combined with page view statistics in MediaWiki releases p...