• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-200

CVE-2022-24747

February 23, 2023 by godfreyd94

Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. Affected versions of shopware do no properly set sensitive HTTP headers to be non-cacheable. If there is an HTTP cache between the server and client then headers may be exposed via HTTP caches. This issue has been resolved in version 6.4.8.2. There are no known workarounds.

CVE-2022-2462

February 23, 2023 by godfreyd94

The Transposh WordPress Translation plugin for WordPress is vulnerable to sensitive information disclosure to unauthenticated users in versions up to, and including, 1.0.8.1. This is due to insufficient permissions checking on the ‘tp_history’ AJAX action and insufficient restriction on the data returned in the response. This makes it possible for unauthenticated users to exfiltrate usernames of individuals who have translated text.

CVE-2022-24633

February 23, 2023 by godfreyd94

All versions of FileCloud prior to 21.3 are vulnerable to user enumeration. The vulnerability exists in the parameter “path” passing “/SHARED/“. A malicious actor could identify the existence of users by requesting share information on specified share paths.

CVE-2022-24447

February 23, 2023 by godfreyd94

An issue was discovered in Zoho ManageEngine Key Manager Plus before 6200. A service exposed by the application allows a user, with the level Operator, to access stored SSL certificates and associated key pairs during export.

CVE-2022-24414

February 23, 2023 by godfreyd94

Dell EMC CloudLink 7.1.3 and all earlier versions, Auth Token is exposed in GET requests. These request parameters can get logged in reverse proxies and server logs. Attackers may potentially use these tokens to access CloudLink server. Tokens should not be used in request URL to avoid such attacks.

CVE-2022-23984

February 23, 2023 by

Sensitive information disclosure discovered in wpDiscuz WordPress plugin (versions <= 7.3.11).

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 329
  • Go to page 330
  • Go to page 331
  • Go to page 332
  • Go to page 333
  • Interim pages omitted …
  • Go to page 348
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE