Web App Vulnerabilities

1. Introduction CuteNews 1.4.5 contains multiple cross-site scripting (XSS) vulnerabilities in several PHP scripts. This allows an attacker to inject...

1. Introduction CraftCMS DevMode Enabled refers to a configuration issue where CraftCMS is running in development mode. This can expose...

1. Introduction The CuteNews search.php files_arch Array Arbitrary File Access vulnerability allows an unauthenticated attacker to determine the existence of...

1. Introduction CraftCMS User Enumeration allows attackers to identify valid usernames on a CraftCMS installation. This information can be used...

1. Introduction The Credit Card Disclosure in HTML vulnerability occurs when a web application displays plaintext credit card information. This...

1. Introduction The Credit Card Disclosure over HTTP vulnerability occurs when a web application transmits credit card information unencrypted, using...

1. Introduction CyberArk Password Vault Web Access is a web application used to connect to CyberArk servers for password management....

1. Introduction The Cyberoam Admin Console Detection vulnerability identifies instances where the web admin console for a Cyberoam UTM security...

1. Introduction The daloRADIUS login.php error Parameter XSS vulnerability allows an attacker to inject malicious code into a user’s browser...

1. Introduction The vulnerability ‘CVS Entries Detected’ refers to publicly accessible files within a CVS directory on a web server....