Jenkins is an award-winning application that monitors executions of repeated jobs, such as building a software project or jobs run by cron.
By accessing the endpoint /securityRealm/user/admin/search/index?q= it was possible to enumerate all the Jenkins users.
- It's recommended to restrict access to this endpoint.
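To check whether the endpoint is already being queried, the added example below (not part of the original advisory) scans web access logs for repeated searches against it. It assumes combined-format access logs, treats HTTP 200 as an answered search, and also matches a context prefix such as /jenkins and any user name in place of admin; the function name, threshold and sample lines are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs, unquote

# Path from the finding. Matching a context prefix (e.g. /jenkins) and any
# user name in place of "admin" is an assumption, not stated in the advisory.
ENDPOINT = re.compile(r"/securityRealm/user/[^/]+/search/index/?$")

# Common/combined log format: client, timestamp, request line, status.
LOG_LINE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[[^\]]*\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

def find_enumeration(lines, min_queries=3):
    """Return {client: sorted distinct q values} for clients that sent at
    least min_queries distinct answered searches to the endpoint."""
    seen = defaultdict(set)
    for line in lines:
        m = LOG_LINE.match(line)
        if not m or m["status"] != "200":
            continue  # unparsable line, or request was refused/redirected
        url = urlsplit(m["target"])
        if not ENDPOINT.search(unquote(url.path)):
            continue
        qs = parse_qs(url.query, keep_blank_values=True)
        if "q" in qs:
            seen[m["client"]].update(qs["q"])
    return {c: sorted(q) for c, q in seen.items() if len(q) >= min_queries}

# Constructed sample log lines (not taken from a real server).
TS = "[10/Mar/2024:10:00:00 +0000]"
BASE = "/securityRealm/user/admin/search/index"
SAMPLE = [
    f'198.51.100.7 - - {TS} "GET {BASE}?q=a HTTP/1.1" 200 512',
    f'198.51.100.7 - - {TS} "GET {BASE}?q=b HTTP/1.1" 200 498',
    f'198.51.100.7 - - {TS} "GET /jenkins{BASE}?q=c HTTP/1.1" 200 530',
    f'198.51.100.7 - - {TS} "GET {BASE}?q=d HTTP/1.1" 403 120',
    f'203.0.113.9 - - {TS} "GET {BASE}?q=build HTTP/1.1" 200 300',
    f'203.0.113.9 - - {TS} "GET /job/app/lastBuild/ HTTP/1.1" 200 9000',
]

if __name__ == "__main__":
    for client, queries in find_enumeration(SAMPLE).items():
        print(f"{client}: {len(queries)} distinct searches: {queries}")
```

Once access to the endpoint is restricted, the same requests should appear with a 403 or a login redirect instead of 200, and the function returns nothing for them.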