Vulnerabilities > Information Exposure

DATE CVE VULNERABILITY TITLE RISK
2023-06-07 CVE-2021-4377 Information Exposure vulnerability in Wobbie Doneren MET Mollie
The Doneren met Mollie plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 2.8.5 via the dmm_export_donations() function which is called via the admin_post_dmm_export hook due to missing capability checks.
network
low complexity
wobbie CWE-200
6.5
2023-05-31 CVE-2023-33979 Information Exposure vulnerability in GPT Academic Project GPT Academic
gpt_academic provides a graphical interface for ChatGPT/GLM.
network
low complexity
gpt-academic-project CWE-200
6.5
2023-05-18 CVE-2023-29857 Information Exposure vulnerability in Teslamate Project Teslamate 1.27.1
An issue in Teslamate v1.27.1 allows attackers to obtain sensitive information via directly accessing the teslamate link.
network
low complexity
teslamate-project CWE-200
5.3
2023-05-11 CVE-2023-28357 Information Exposure vulnerability in Rocket.Chat
A vulnerability has been identified in Rocket.Chat, where the ACL checks in the Slash Command /mute occur after checking whether a user is a member of a given channel, leaking private channel members to unauthorized users.
network
low complexity
rocket-chat CWE-200
4.3
2023-05-09 CVE-2023-31404 Information Exposure vulnerability in SAP Businessobjects Business Intelligence 420/430
Under certain conditions, SAP BusinessObjects Business Intelligence Platform (Central Management Service) - versions 420, 430, allows an attacker to access information which would otherwise be restricted.
network
low complexity
sap CWE-200
5.0
2023-04-16 CVE-2022-34125 Information Exposure vulnerability in Glpi-Project Cmdb
front/icon.send.php in the CMDB plugin before 3.0.3 for GLPI allows attackers to gain read access to sensitive information via a _log/ pathname in the file parameter.
network
low complexity
glpi-project CWE-200
6.5
2023-03-24 CVE-2023-28444 Information Exposure vulnerability in Angular-Server-Side-Configuration Project Angular-Server-Side-Configuration 15.0.0/15.0.1/15.0.2
angular-server-side-configuration helps configure an angular application at runtime on the server or in a docker container via environment variables.
7.5
2023-03-17 CVE-2023-0027 Information Exposure vulnerability in Rockwellautomation Modbus TCP Server ADD on Instructions 2.00.00/2.00.03
Rockwell Automation Modbus TCP Server AOI prior to 2.04.00 is vulnerable to an unauthorized user sending a malformed message that could cause the controller to respond with a copy of the most recent response to the last valid request.
network
low complexity
rockwellautomation CWE-200
4.3
2023-03-10 CVE-2023-23327 Information Exposure vulnerability in Avantfax 3.3.7
An Information Disclosure vulnerability exists in AvantFAX 3.3.7.
network
low complexity
avantfax CWE-200
4.9
2023-03-07 CVE-2023-1263 Information Exposure vulnerability in Niteothemes Coming Soon & Maintenance
The CMP – Coming Soon & Maintenance plugin for WordPress is vulnerable to Information Exposure in versions up to, and including, 4.1.6 via the cmp_get_post_detail function.
network
low complexity
niteothemes CWE-200
5.3