Page 283 of 10586 results (0.046 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Improper Privilege Management vulnerability in ESKOM Computer e-municipality module allows Collect Data as Provided by Users.This issue affects e-municipality module: before v.105. ... Incorrect Use of Privileged APIs vulnerability in ESKOM Computer e-municipality module allows Collect Data as Provided by Users.This issue affects e-municipality module: before v.105. • https://www.usom.gov.tr/bildirim/tr-23-0664 • CWE-269: Improper Privilege Management CWE-648: Incorrect Use of Privileged APIs •

CVSS: 8.1EPSS: 0%CPEs: 14EXPL: 0

The stored malicious script is then executed when the GUI is opened by any users of the webserver administration interface.  The root cause of the vulnerability is inadequate input validation and output encoding in the web administration interface component of the firmware. This could lead to  unauthorized access and data leakage La interfaz web de PAC Device permite que el perfil de usuario del administrador del dispositivo almacene scripts maliciosos en algunos campos. • https://www.idemia.com/vulnerability-information • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

This makes it possible for unauthenticated attackers to extract sensitive data including file upload events and paths. • https://patchstack.com/database/vulnerability/media-file-renamer/wordpress-media-file-renamer-plugin-5-6-9-sensitive-data-exposure-via-debug-log-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

This makes it possible for unauthenticated attackers to extract sensitive data. • https://patchstack.com/database/vulnerability/wp-retina-2x/wordpress-wp-retina-2x-plugin-6-4-5-sensitive-data-exposure-via-log-file-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

This makes it possible for unauthenticated attackers to extract sensitive data including debug and trace information. • https://patchstack.com/database/vulnerability/aruba-hispeed-cache/wordpress-aruba-hispeed-cache-plugin-2-0-6-sensitive-data-exposure-via-log-file-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •