Search Vulnerabilities

Sanluan PublicCMS Failed Login LoginAdminController.java log_login cleartext storage in file

TYPO3 CMS Stores Cleartext Password in User Settings Module

langflow-ai langflow Project Creation Endpoint projects.py encrypt_auth_settings cleartext storage in file

OpenClaw < 2026.3.22 - Credential Exposure via baseUrl Fields in Gateway Snapshots

Directus exposes sensitive fields in revision history

Information Disclosure, Tampering, and Denial-of-Service Vulnerabilities in GENESIS64, ICONICS Suite, MobileHMI, Hyper Historian, AnalytiX, GENESIS...

SourceCodester Student Result Management System HTTP GET Request login_credentials.txt cleartext storage in file

Bulwark Webmail: Information Exposure: password returned in /api/auth/session

Trino: Iceberg REST catalog static and vended credentials are accessible via query JSON

nginx-ui Backup Restore Allows Tampering with Encrypted Backups

AVideo has Plaintext Video Password Storage

Cleartext Storage of Administrative and Wi-Fi Credentials via Accessible Serial Interface in TP Link's TL-WR850N

AVideo has an unauthenticated decrypt oracle leaking any ciphertext

Reversible ecos_pw Cookie Allows Authentication Bypass in Nexxt Nebula 300+

Edimax GS-5008PL <= 1.00.54 Admin Credentials Stored in Cleartext

A cleartext storage of sensitive information vulnerability [CWE-312] vulnerability in Fortinet FortiMail 7

Insecure Storage Protection vulnerability in SAP Customer Checkout 2.0

Cleartext Storage of Sensitive Information (CWE-312) in the Command Centre Mobile Client on Android and iOS could allow an attacker with access to ...

The OpenID Connect (OIDC) authentication configuration in PowerShell Universal before 2026

Sensitive user account information is not encrypted in the database in Devolutions Server 2025