Total
163 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-50935 | 1 Ibm | 1 Powersc | 2024-02-02 | N/A | 6.5 MEDIUM |
| IBM PowerSC 1.3, 2.0, and 2.1 fails to properly restrict access to a URL or resource, which may allow a remote attacker to obtain unauthorized access to application functionality and/or resources. IBM X-Force ID: 275115. | |||||
| CVE-2022-23607 | 2 Debian, Twistedmatrix | 2 Debian Linux, Treq | 2024-01-26 | 4.3 MEDIUM | 6.5 MEDIUM |
| treq is an HTTP library inspired by requests but written on top of Twisted's Agents. Treq's request methods (`treq.get`, `treq.post`, etc.) and `treq.client.HTTPClient` constructor accept cookies as a dictionary. Such cookies are not bound to a single domain, and are therefore sent to *every* domain ("supercookies"). This can potentially cause sensitive information to leak upon an HTTP redirect to a different domain., e.g. should `https://example.com` redirect to `http://cloudstorageprovider.com` the latter will receive the cookie `session`. Treq 2021.1.0 and later bind cookies given to request methods (`treq.request`, `treq.get`, `HTTPClient.request`, `HTTPClient.get`, etc.) to the origin of the *url* parameter. Users are advised to upgrade. For users unable to upgrade Instead of passing a dictionary as the *cookies* argument, pass a `http.cookiejar.CookieJar` instance with properly domain- and scheme-scoped cookies in it. | |||||
| CVE-2004-2257 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-01-25 | 5.0 MEDIUM | N/A |
| phpMyFAQ 1.4.0 allows remote attackers to access the Image Manager to upload or delete images without authorization via a direct request. | |||||
| CVE-2004-2144 | 1 Baalsystems | 1 Baal Smart Forms | 2024-01-25 | 7.5 HIGH | N/A |
| Baal Smart Forms before 3.2 allows remote attackers to bypass authentication and obtain system access via a direct request to regadmin.php. | |||||
| CVE-2005-1892 | 1 Flatnuke | 1 Flatnuke | 2024-01-25 | 6.4 MEDIUM | N/A |
| FlatNuke 2.5.3 allows remote attackers to cause a denial of service or obtain sensitive information via (1) a direct request to foot_news.php, which triggers an infinite loop, or (2) direct requests to unknown scripts, which reveals the web document root in an error message. | |||||
| CVE-2005-1827 | 1 Dlink | 2 Dsl-504t, Dsl-504t Firmware | 2024-01-25 | 7.5 HIGH | N/A |
| D-Link DSL-504T allows remote attackers to bypass authentication and gain privileges, such as upgrade firmware, restart the router or restore a saved configuration, via a direct request to firmwarecfg. | |||||
| CVE-2005-1698 | 1 Postnuke | 1 Postnuke | 2024-01-25 | 5.0 MEDIUM | N/A |
| PostNuke 0.750 and 0.760RC3 allows remote attackers to obtain sensitive information via a direct request to (1) theme.php or (2) Xanthia.php in the Xanthia module, (3) user.php, (4) thelang.php, (5) text.php, (6) html.php, (7) menu.php, (8) finclude.php, or (9) button.php in the pnblocks directory in the Blocks module, (10) config.php in the NS-Multisites (aka Multisites) module, or (11) xmlrpc.php, which reveals the path in an error message. | |||||
| CVE-2005-1685 | 1 Episodex | 1 Episodex Guestbook | 2024-01-25 | 7.5 HIGH | N/A |
| episodex guestbook allows remote attackers to bypass authentication and edit scripts via a direct request to admin.asp. | |||||
| CVE-2002-1798 | 1 Midicart | 3 Midicart Php, Midicart Php Maxi, Midicart Php Plus | 2024-01-25 | 6.4 MEDIUM | 9.1 CRITICAL |
| MidiCart PHP, PHP Plus, and PHP Maxi allows remote attackers to (1) upload arbitrary php files via a direct request to admin/upload.php or (2) access sensitive information via a direct request to admin/credit_card_info.php. | |||||
| CVE-2005-1654 | 1 Hostingcontroller | 1 Hosting Controller | 2024-01-25 | 7.5 HIGH | N/A |
| Hosting Controller 6.1 Hotfix 1.9 and earlier allows remote attackers to register arbitrary users via a direct request to addsubsite.asp with the loginname and password parameters set. | |||||
| CVE-2005-1668 | 1 Yusasp | 1 Web Asset Manager | 2024-01-25 | 7.5 HIGH | N/A |
| YusASP Web Asset Manager 1.0 allows remote attackers to gain privileges via a direct request to assetmanager.asp. | |||||
| CVE-2019-2388 | 1 Mongodb | 1 Ops Manager | 2024-01-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| In affected Ops Manager versions there is an exposed http route was that may allow attackers to view a specific access log of a publicly exposed Ops Manager instance. This issue affects: MongoDB Inc. MongoDB Ops Manager 4.0 versions 4.0.9, 4.0.10 and MongoDB Ops Manager 4.1 version 4.1.5. | |||||
| CVE-2005-1697 | 1 Postnuke | 1 Postnuke | 2023-12-28 | 5.0 MEDIUM | N/A |
| The RSS module in PostNuke 0.750 and 0.760RC2 and RC3 allows remote attackers to obtain sensitive information via a direct request to simple_smarty.php, which reveals the path in an error message. | |||||
| CVE-2005-1688 | 1 Wordpress | 1 Wordpress | 2023-12-28 | 5.0 MEDIUM | N/A |
| Wordpress 1.5 and earlier allows remote attackers to obtain sensitive information via a direct request to files in (1) wp-content/themes/, (2) wp-includes/, or (3) wp-admin/, which reveal the path in an error message. | |||||
| CVE-2023-45809 | 1 Torchbox | 1 Wagtail | 2023-12-28 | N/A | 2.7 LOW |
| Wagtail is an open source content management system built on Django. A user with a limited-permission editor account for the Wagtail admin can make a direct URL request to the admin view that handles bulk actions on user accounts. While authentication rules prevent the user from making any changes, the error message discloses the display names of user accounts, and by modifying URL parameters, the user can retrieve the display name for any user. The vulnerability is not exploitable by an ordinary site visitor without access to the Wagtail admin. Patched versions have been released as Wagtail 4.1.8 (LTS), 5.0.5 and 5.1.3. The fix is also included in Release Candidate 1 of the forthcoming Wagtail 5.2 release. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-22834 | 1 Palantir | 1 Contour | 2023-11-07 | N/A | 4.3 MEDIUM |
| The Contour Service was not checking that users had permission to create an analysis for a given dataset. This could allow an attacker to clutter up Compass folders with extraneous analyses, that the attacker would otherwise not have permission to create. | |||||
| CVE-2023-1699 | 1 Rapid7 | 1 Nexpose | 2023-11-07 | N/A | 9.8 CRITICAL |
| Rapid7 Nexpose versions 6.6.186 and below suffer from a forced browsing vulnerability. This vulnerability allows an attacker to manipulate URLs to forcefully browse to and access administrative pages. This vulnerability is fixed in version 6.6.187. | |||||
| CVE-2023-1663 | 1 Synopsys | 1 Coverity | 2023-11-07 | N/A | 5.3 MEDIUM |
| Coverity versions prior to 2023.3.2 are vulnerable to forced browsing, which exposes authenticated resources to unauthorized actors. The root cause of this vulnerability is an insecurely configured servlet mapping for the underlying Apache Tomcat server. As a result, the downloads directory and its contents are accessible. 5.9 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L/E:P/RL:O/RC:C) | |||||
| CVE-2022-4057 | 1 Optimizingmatters | 1 Autooptimize | 2023-11-07 | N/A | 5.3 MEDIUM |
| The Autoptimize WordPress plugin before 3.1.0 uses an easily guessable path to store plugin's exported settings and logs. | |||||
| CVE-2022-42438 | 2 Ibm, Linux | 2 Cloud Pak For Multicloud Management Monitoring, Linux Kernel | 2023-11-07 | N/A | 8.8 HIGH |
| IBM Cloud Pak for Multicloud Management Monitoring 2.0 and 2.3 allows users without admin roles access to admin functions by specifying direct URL paths. IBM X-Force ID: 238210. | |||||