10 matches found
CVE-2026-49278
Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.2, 8.3.4, 8.2.4, 8.1.5, 8.0.6, 7.13.8, and 7.10.12, in the visitors.info endpoint, https://developer.rocket.chat/apidocs/get-visitor-information-by-id-1, token is returned in the response. It...
CVE-2026-49278 Rocket.Chat: Livechat Visitor Profile Disclosure Leaks Bearer Token and Enables Visitor Impersonation
Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.2, 8.3.4, 8.2.4, 8.1.5, 8.0.6, 7.13.8, and 7.10.12, in the visitors.info endpoint, https://developer.rocket.chat/apidocs/get-visitor-information-by-id-1, token is returned in the response. It...
EUVD-2013-6053
Malware in sbrugna...
Apartment Management System visitor_info.php File SQL Injection Vulnerability
Apartment Management System is an apartment management system. Apartment Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in parameter vid in file /report/visitorinfo.php. An attacker can exploit this...
CVE-2025-9507 itsourcecode Apartment Management System visitor_info.php sql injection
A weakness has been identified in itsourcecode Apartment Management System 1.0. Impacted is an unknown function of the file /report/visitorinfo.php. Executing manipulation of the argument vid can lead to sql injection. The attack can be launched remotely. The exploit has been made available to th...
CVE-2025-9507 itsourcecode Apartment Management System visitor_info.php sql injection
A weakness has been identified in itsourcecode Apartment Management System 1.0. Impacted is an unknown function of the file /report/visitorinfo.php. Executing manipulation of the argument vid can lead to sql injection. The attack can be launched remotely. The exploit has been made available to th...
PT-2025-34830
Name of the Vulnerable Software and Affected Versions: itsourcecode Apartment Management System version 1.0 Description: A weakness exists in itsourcecode Apartment Management System 1.0, specifically within an unknown function of the file /report/visitor info.php. Manipulation of the vid argumen...
WordPress WPVisitorInfo – Show Visitor Information & Conditional Data Based On That Information plugin <= 1.0.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress WPVisitorInfo – Show Visitor Information & Conditional Data Based On That Information plugin versions = 1.0.0. Solution No patched version available...
CVE-2013-6224
Multiple cross-site scripting XSS vulnerabilities in LiveZilla before 5.1.1.0 allow remote attackers to inject arbitrary web script or HTML via 1 a name in the call administrator feature, 2 unspecified vectors to the admins visitor information panel, or 3 a text message in a chat session, which i...
CVE-2013-6224
Multiple cross-site scripting XSS vulnerabilities in LiveZilla before 5.1.1.0 allow remote attackers to inject arbitrary web script or HTML via 1 a name in the call administrator feature, 2 unspecified vectors to the admins visitor information panel, or 3 a text message in a chat session, which i...