mrnazu

2 exploits Active since Jul 2020

CVE-2020-14179 NOMISEC MEDIUM SCANNER

Atlassian Jira Server/Data Center <8.5.8, 8.6.0-8.11.1 - Unauthenticated Info Disclosure

Affected versions of Atlassian Jira Server and Data Center allow remote, unauthenticated attackers to view custom field names and custom SLA names via an Information Disclosure vulnerability in the /secure/QueryComponent!Default.jspa endpoint. The affected versions are before version 8.5.8, and from version 8.6.0 before 8.11.1.

4 stars

CVSS 5.3

View Code

CVE-2020-13405 NOMISEC HIGH WRITEUP

Microweber <1.1.20 - Info Disclosure

userfiles/modules/users/controller/controller.php in Microweber before 1.1.20 allows an unauthenticated user to disclose the users database via a /modules/ POST request.

1 stars

CVSS 7.5

View Code