EUVD-2018-2640

Malware in sbrugna...

CVE-2024-3117

A vulnerability classified as critical was found in YouDianCMS up to 9.5.12. This vulnerability affects unknown code of the file App\Lib\Action\Admin\ChannelAction.class.php. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has...

CVE-2024-3117 YouDianCMS ChannelAction.class.php unrestricted upload

A vulnerability classified as critical was found in YouDianCMS up to 9.5.12. This vulnerability affects unknown code of the file App\Lib\Action\Admin\ChannelAction.class.php. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has...

PT-2023-3260 · Glpi +2 · Glpi +2

Name of the Vulnerable Software and Affected Versions: GLPI versions 0.83 through 9.5.12 GLPI versions 10.0.0 through 10.0.6 Description: The issue is related to incorrect privilege management in GLPI, allowing an authenticated user to modify emails of any other user, including the administrator'...

PT-2023-3264 · Glpi +2 · Glpi +2

Name of the Vulnerable Software and Affected Versions: GLPI versions 0.85 through 9.5.12 GLPI versions 10.0.0 through 10.0.6 Description: The issue is related to insufficient user data sanitization on search pages, allowing an attacker to craft a malicious link that can exploit a reflected XSS wh...

PT-2023-9271 · Glpi +2 · Glpi +2

Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 9.5.12 GLPI versions prior to 10.0.6 Description: The issue is related to improper privilege management, allowing any user with access to the standard interface to export data of almost any GLPI item type, including...

TYPO3 9.5.12 < 9.5.17 / 10.2 < 10.4.2 XSS (TYPO3-CORE-SA-2020-003)

The version of TYPO3 installed on the remote host is 9.5.12 prior to 9.5.17 or 10.2 prior to 10.4.2. It is, therefore, affected by a cross-site scripting XSS vulnerability in its link handling component due to improper validation of user-supplied input before returning it to users. An...

TYPO3 Link Handling Component Cross-Site Scripting Vulnerability

TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Association. A cross-site scripting vulnerability exists in the Link Handling component of TYPO3 versions 9.5.12 through 9.5.16 and 10.2.0 through 10.4.1. The vulnerability stems from a lack of proper...

PT-2020-12526 · Typo3 · Typo3/Cms

Name of the Vulnerable Software and Affected Versions: TYPO3 CMS versions 9.5.12 through 9.5.16 TYPO3 CMS versions 10.2.0 through 10.4.1 Description: The issue concerns link tags generated by typolink functionality, which are vulnerable to cross-site scripting. Properties being assigned as HTML...

TYPO3 Path Traversal Vulnerability

TYPO3 is a free and open source content management system written in PHP under the GNU General Public License. A path traversal vulnerability exists in the extraction of manually uploaded ZIP archive files in Extension Manager in TYPO3 versions prior to 8.7.30, 9.x versions prior to 9.5.12, and...

TYPO3 code issue vulnerability (CNVD-2020-04075)

TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Association. A security vulnerability exists in the QueryGenerator and QueryView classes in TYPO3 versions prior to 8.7.30, 9.x versions prior to 9.5.12, and 10.x versions prior to 10.2.2. An attacker...

CVE-2019-19850

An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. Because escaping of user-submitted content is mishandled, the class QueryGenerator is vulnerable to SQL injection. Exploitation requires having the system extension ext:lowlevel installed, and a valid backe...

Flexense DiskSorter Enterprise Cross-Site Scripting Vulnerability

Flexense DiskSorter Enterprise is a file classification solution from Flexense Canada. The solution supports classification of files on local disks, network shares, NAS storage devices and enterprise storage systems. A cross-site scripting vulnerability exists in Flexense DiskSorter Enterprise...

CVE-2018-10568

XSS exists in Flexense DiskSorter Enterprise from v9.5.12 to v10.7...

PostgreSQL RCE Vulnerability (Feb 2018) - Linux

PostgreSQL is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Security fix for the ALT Linux 7 package postgresql9.5 version 9.5.12-alt0.M70P.1

9.5.12-alt0.M70P.1 built March 4, 2018 Alexei Takaseev in task 201191 March 2, 2018 Alexei Takaseev - 9.5.12 - Fix CVE-2018-1058...

VX Search Enterprise GET Buffer Overflow

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VX Search Enterprise GET Buffer Overflow', 'Description' = %q This module exploits a stack-based buffer overflow vulnerability in the web interfac...

DiskBoss Enterprise 7.8.16 - Import Command Local Buffer Overflow

DiskBoss Enterprise 7.8.16 - Import Command Local Buffer Overflow !/usr/bin/env python Exploit Title: DiskBoss Enterprise v7.8.16 - 'Import Command' Buffer Overflow Date: 2017-03-29 Exploit Author: Daniel Teixeira Author Homepage: www.danielteixeira.com Vendor Homepage: http://www.diskboss.com...

Disk Sorter Enterprise 9.5.12 - &#039;Import Command&#039; Local Buffer Overflow

!/usr/bin/env python Exploit Title: DiskSorter Enterprise 9.5.12 - 'Import Command' Buffer Overflow SEH Date: 2017-03-29 Exploit Author: Daniel Teixeira Author Homepage: www.danielteixeira.com Vendor Homepage: http://www.disksorter.com Software Link:...

Disk Sorter Enterprise 'GET' Buffer Overflow Vulnerability

Flexense Disk Sorter Enterprise is a file categorization solution from Flexense USA. The solution supports file classification to disk, directory, network share and NAS storage devices and performs advanced historical trending operations. A buffer overflow vulnerability exists in Disk Sorter...