SUSE CVE-2017-3589

Vulnerability in the MySQL Connectors component of Oracle MySQL subcomponent: Connector/J. Supported versions that are affected are 5.1.41 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Connectors executes to compromise...

SUSE CVE-2017-3586

Vulnerability in the MySQL Connectors component of Oracle MySQL subcomponent: Connector/J. Supported versions that are affected are 5.1.41 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Whil...

GHSA-59FH-RJQ3-XQ7J Thinkphp has a code logic error

Thinkphp 5.1.41 and 5.0.24 has a code logic error which causes file upload getshell...

CVE-2022-44289

Thinkphp 5.1.41 and 5.0.24 has a code logic error which causes file upload getshell...

CVE-2022-44289

Thinkphp 5.1.41 and 5.0.24 has a code logic error which causes file upload getshell...

PT-2022-27168 · Thinkphp · Thinkphp

Name of the Vulnerable Software and Affected Versions: Thinkphp versions 5.0.24 through 5.1.41 Description: The issue is caused by a code logic error that leads to a file upload getting shell access. This allows an attacker to potentially execute arbitrary code on the server. Recommendations: For...

ThinkPHP 代码问题漏洞

Top Think Information Technology ThinkPHP is a PHP-based, open source, lightweight web application development framework from China's Top Think Information Technology Company. A code issue vulnerability exists in ThinkPHP version 5.1.41 and 5.0.24, which stems from the presence of a code logic...

ai.databand.azkaban:azkaban-common (=3.18.0), ai.databand.azkaban:azkaban-exec-server (=3.18.0) +2426 more potentially affected by CVE-2017-3586 via mysql:mysql-connector-java (>=3.0.10 <=5.1.41)

mysql:mysql-connector-java MAVEN version =3.0.10, =1.0.0, =1.1.5.RELEASE, =1.0.1, =0.0.1, =0.3.0, =0.2.0, =0.2.0, =0.4.1 and more Source cves: CVE-2017-3586 Source advisory: OSV:GHSA-PWH7-92H3-MQR6...

GHSA-CJCF-WM2P-59H5 Exposure of Sensitive Information to an Unauthorized Actor in Oracle MySQL Connectors Java

Vulnerability in the MySQL Connectors component of Oracle MySQL subcomponent: Connector/J. Supported versions that are affected are 5.1.41 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Connectors executes to compromise...

UBUNTU-CVE-2017-3586

Vulnerability in the MySQL Connectors component of Oracle MySQL subcomponent: Connector/J. Supported versions that are affected are 5.1.41 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Whil...

cotonti CMS 0.9.4 - Multiple Vulnerabilities

Cotonti CMS v0.9.4 Multiple Remote Vulnerabilities Vendor: Cotonti Team Product web page: http://www.cotonti.com Affected version: 0.9.4 Siena Summary: Cotonti is a powerful open-source web development framework and content manager with a focus on security, speed and flexibility. Desc: Input pass...

iBrowser Plugin 1.4.1 Local File Inclusion

iBrowser Plugin v1.4.1 lang Local File Inclusion Vulnerability Vendor: net4visions.com Product web page: http://www.net4visions.com Affected version: lang.'.php' ; 70: $this - charset = $langcharset; 71: $this - dir = $langdirection; 72: $this - langdata = $langdata; 73: unset $langdata ; 74:...

Tugux CMS 1.2 (pid) arbitrary file deletion defect and repair-vulnerability warning-the black bar safety net

Tugux CMS 1.2 pid Remote Arbitrary File Deletion Vulnerability Vendor: Tugux Studios Product web page: http://www.tugux.com Affected version: 1.2 Summary: Tugux CMS is a free open source content management system CMS and application that powers the entire web. Desc: Input passed to the 'pid'...

TCExam 11.2.011 Cross Site Scripting

TCExam =11.2.011 Multiple Cross-Site Scripting Vulnerabilities Vendor: Tecnik.com s.r.l. Product web page: http://www.tcexam.org Affected version: 11.2.009, 11.2.010 and 11.2.011 Summary: TCExam is a FLOSS system for electronic exams also know as CBA - Computer-Based Assessment, CBT -...

Pacer Edition CMS 2.1 (l param)local file inclusion flaw and fix-vulnerability warning-the black bar safety net

Pacer Edition CMS 2.1 l param Local File Inclusion Vulnerability Vendor: The Pacer Edition Product web page: http://www.thepaceredition.com Affected version: RC 2.1 SVN: 8 6 7 Summary: The 'Pacer Edition' is a Content Management SystemCMS written using PHP 5.2.9 as a minimum requirement. The Pace...

Pacer Edition CMS 2.1 (l param) Local File Inclusion Vulnerability

Exploit for php platform in category web applications Pacer Edition CMS 2.1 l param Local File Inclusion Vulnerability Vendor: The Pacer Edition Product web page: http://www.thepaceredition.com Affected version: RC 2.1 SVN: 867 Summary: The 'Pacer Edition' is a Content Management SystemCMS writte...

Pacer Edition CMS 2.1 - &#039;l&#039; Local File Inclusion

Pacer Edition CMS 2.1 l param Local File Inclusion Vulnerability Vendor: The Pacer Edition Product web page: http://www.thepaceredition.com Affected version: RC 2.1 SVN: 867 Summary: The 'Pacer Edition' is a Content Management SystemCMS written using PHP 5.2.9 as a minimum requirement. The Pacer...

Tugux CMS 1.2 XSS / LFI / SQL Injection / URL Redirection

Title: Tugux CMS 1.2 Multiple Remote Vulnerabilities ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ Vendor: Tugux Studios ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ Product web page: http://www.tugux.com...

TutorialMS v1.4 (show) Remote SQL Injection Vulnerability

Exploit for php platform in category web applications TutorialMS v1.4 show Remote SQL Injection Vulnerability . . --------------------------------------------------------------------------------- | | | Vendor: TutorialMS.com | | Product web page: http://www.tutorialms.com | | Affected version: 1....

DoceboLms 4.0.4 - Multiple Persistent Cross-Site Scripting Vulnerabilities

DoceboLms 4.0.4 - Multiple Persistent Cross-Site Scripting Vulnerabilities DoceboLMS 4.0.4 Multiple Stored XSS Vulnerabilities function xss1document.forms"xss1".submit; function xss2document.forms"xss2".submit; input type="hidden" name="authentic...