Vulnerabilities > Information Exposure
|2023-09-23||CVE-2023-5134|| Information Exposure vulnerability in Easyregistrationforms Easy Registration Forms |
The Easy Registration Forms for WordPress is vulnerable to Information Disclosure via the 'erforms_user_meta' shortcode in versions up to, and including, 2.1.1 due to insufficient controls on the information retrievable via the shortcode.
| 4.3 |
|2023-09-18||CVE-2023-42454|| Information Exposure vulnerability in Lovasoa Sqlpage |
SQLpage is a SQL-only webapp builder.
| 9.1 |
|2023-09-15||CVE-2023-36472|| Information Exposure vulnerability in Strapi |
Strapi is an open-source headless content management system.
| 5.7 |
|2023-09-13||CVE-2021-44172|| Information Exposure vulnerability in Fortinet Forticlient Endpoint Management Server |
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClientEMS versions 7.0.0 through 7.0.4, 7.0.6 through 7.0.7, in all 6.4 and 6.2 version management interface may allow an unauthenticated attacker to gain information on environment variables such as the EMS installation path.
| 5.3 |
|2023-09-13||CVE-2023-4917|| Information Exposure vulnerability in Te-St Leyka |
The Leyka plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 3.30.3 via the 'leyka_ajax_get_env_and_options' function.
| 6.5 |
|2023-09-12||CVE-2023-40712|| Information Exposure vulnerability in Apache Airflow |
Apache Airflow, versions before 2.7.1, is affected by a vulnerability that allows authenticated users who have access to see the task/dag in the UI, to craft a URL, which could lead to unmasking the secret configuration of the task that otherwise would be masked in the UI. Users are strongly advised to upgrade to version 2.7.1 or later which has removed the vulnerability.
| 6.5 |
|2023-09-12||CVE-2023-40622|| Information Exposure vulnerability in SAP Businessobjects Business Intelligence 420/430 |
SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430, under certain condition allows an authenticated attacker to view sensitive information which is otherwise restricted.
| 9.9 |
|2023-09-06||CVE-2023-41050|| Information Exposure vulnerability in Zope Accesscontrol |
AccessControl provides a general security framework for use in Zope.
| 7.7 |
|2023-09-05||CVE-2023-32271|| Information Exposure vulnerability in Openautomationsoftware OAS Platform 18.00.0072 |
An information disclosure vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072.
| 6.5 |
|2023-09-01||CVE-2023-4714|| Information Exposure vulnerability in Playtube 3.0.1 |
A vulnerability was found in PlayTube 3.0.1 and classified as problematic.
| 7.5 |