CVE-2023-48684
https://notcve.org/view.php?id=CVE-2023-48684
Sensitive information disclosure and manipulation due to missing authorization. • https://security-advisory.acronis.com/advisories/SEC-6021 • CWE-862: Missing Authorization •
CVE-2023-48683
https://notcve.org/view.php?id=CVE-2023-48683
Sensitive information disclosure and manipulation due to missing authorization. • https://security-advisory.acronis.com/advisories/SEC-5899 • CWE-862: Missing Authorization •
CVE-2024-28961
https://notcve.org/view.php?id=CVE-2024-28961
Dell OpenManage Enterprise, versions 4.0.0 and 4.0.1, contains a sensitive information disclosure vulnerability. • https://www.dell.com/support/kbdoc/en-us/000224251/dsa-2024-184-security-update-for-dell-openmanage-enterprise-vulnerability • CWE-256: Plaintext Storage of a Password •
CVE-2024-4300 – FS-EZViewer(Web) - Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2024-4300
E-WEBInformationCo. FS-EZViewer(Web) exposes sensitive information in the service. A remote attacker can obtain the database configuration file path through the webpage source code without login. Accessing this path allows attacker to obtain the database credential with the highest privilege and database host IP address. With this information, attackers can connect to the database and perform actions such as adding, modifying, or deleting database contents. • https://www.twcert.org.tw/tw/cp-132-7774-fbd01-1.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2024-33914 – WordPress Exclusive Addons for Elementor plugin <= 2.6.9.1 - Broken Access Control on Post Duplication vulnerability
https://notcve.org/view.php?id=CVE-2024-33914
This makes it possible for authenticated attackers, with contributor-level access and above, to duplicate other users posts which can lead to information disclosure for private posts. • https://patchstack.com/database/vulnerability/exclusive-addons-for-elementor/wordpress-exclusive-addons-for-elementor-plugin-2-6-9-1-broken-access-control-on-post-duplication-vulnerability? • CWE-862: Missing Authorization •