Page 93 of 12078 results (0.118 seconds)

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.2. ... The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. • https://plugins.trac.wordpress.org/browser/ameliabooking/trunk/vendor/symfony/http-foundation/Tests/Fixtures/response-functional/cookie_max_age.php https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3130903%40ameliabooking&new=3130903%40ameliabooking&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/c9aa2a44-5a71-4a10-9876-3d54b8d268c5?source=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0

Exposure of Sensitive Information vulnerability in Naukowa i Akademicka Sie? ... stwowy Instytut Badawczy EZD RP allows logged-in user to retrieve information about IP infrastructure and credentials. This issue affects EZD RP all versions before 19.6 Exposure of Sensitive Information vulnerability in Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy EZD RP allows logged-in user to retrieve information about IP infrastructure and credentials.  • https://cert.pl/en/posts/2024/08/CVE-2023-7265 https://cert.pl/posts/2024/08/CVE-2023-7265 https://www.gov.pl/web/ezd-rp • CWE-213: Exposure of Sensitive Information Due to Incompatible Policies •

CVSS: 8.5EPSS: 0%CPEs: -EXPL: 0

An authenticated attacker can bypass Server-Side Request Forgery (SSRF) protection in Microsoft Copilot Studio to leak sensitive information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38206 • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Logsign Unified SecOps Platform. ... An attacker can leverage this vulnerability to disclose information in the context of root. • https://www.zerodayinitiative.com/advisories/ZDI-24-1021 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. • https://exchange.xforce.ibmcloud.com/vulnerabilities/297429 https://www.ibm.com/support/pages/node/7160580 • CWE-209: Generation of Error Message Containing Sensitive Information