CVE-2023-30802

MEDIUM Year: 2023
CVSS v3 Score
5.3
Medium
Weakness Type
CWE-540
View all →

Vulnerability Description

The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to a source code disclosure vulnerability. A remote and unauthenticated attacker can obtain PHP source code by sending an HTTP request with an invalid Content-Length field.

Related Vulnerabilities

CVE-2023-23448

MEDIUM
CVSS:5.3(Medium)

Inclusion of Sensitive Information in Source Code in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to gain informati...

CWE-5402023

CVE-2024-35144

MEDIUM
CVSS:5.3(Medium)

IBM Maximo Application Suite 8.10, 8.11, and 9.0 - Monitor Component stores source code on the web server that could aid in further attacks against the system.

CWE-5402024

CVE-2024-9596

MEDIUM
CVSS:5.3(Medium)

An issue has been discovered in GitLab EE affecting all versions starting from 16.6 prior to 17.2.9, from 17.3 prior to 17.3.5, and from 17.4 prior to 17.4.2. It was possible for an unauthenticated at...

CWE-5402024

CVE-2021-28805

MEDIUM
CVSS:5.5(Medium)

Inclusion of sensitive information in the source code has been reported to affect certain QNAP switches running QSS. If exploited, this vulnerability allows attackers to read application data. This is...

CWE-5402021

CVE-2021-34757

MEDIUM
CVSS:5.5(Medium)

Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords o...

CWE-5402021

CVE-2023-39250

MEDIUM
CVSS:5.5(Medium)

Dell Storage Integration Tools for VMware (DSITV) and Dell Storage vSphere Client Plugin (DSVCP) versions prior to 6.1.1 and Replay Manager for VMware (RMSV) versions prior to 3.1.2 contain an informa...

CWE-5402023