4 matches found
[20260305] - Core - Arbitrary file deletion in com_joomlaupdate
Lack of input validation leads to an arbitrary file deletion vulnerability in the autoupdate server mechanism...
[20260306] - Core - Improper access check in webservice endpoints
An improper access check allows unauthorized access to webservice endpoints...
Internet Brands vBulletin 安全漏洞
Internet Brands vBulletin is a forum plugin from Internet Brands, Inc. A security vulnerability exists in Internet Brands vBulletin versions 5.0.0 through 5.7.5 and 6.0.0 through 6.0.3, which stems from the possibility that an unauthenticated user could invoke protected API controller methods...
SUSE CVE-2018-11783
sslheaders plugin extracts information from the client certificate and sets headers in the request based on the configuration of the plugin. The plugin doesn't strip the headers from the request in some scenarios. This problem was discovered in versions 6.0.0 to 6.0.3, 7.0.0 to 7.1.5, and 8.0.0 t...