13 matches found
e107 Code Issue Vulnerability
e107 is a free, open source, PHP- and MySQL-based content management system (CMS) from the E107 team. The system supports a variety of plug-ins and themes, and can be used as a personal blog, discussion community, archive repository and so on. A code issue vulnerability exists in...
EUVD-2020-3196
Malware in sbrugna...
EUVD-2022-31211
Malicious code in bioql PyPI...
The vulnerability in the SCADA Data Gateway (SDG) arises from improper restriction of a pathname to a restricted directory. This allows attackers to create or delete arbitrary files as the administrator.
The vulnerability in the SCADA system SCADA Data Gateway (SDG) is related to improper restriction of a pathname to a restricted directory. Exploiting this vulnerability allows an attacker to create or delete arbitrary files as the administrator...
CVE-2022-27192
The Reporting module in Aseco Lietuva document management system DVS Avilys before 3.5.58 allows unauthorized file download. An unauthenticated attacker can impersonate an administrator by reading administrative files...
CVE-2020-25716
A flaw was found in Cloudforms. A role-based privilege escalation flaw where export or import of administrator files is possible. An attacker with a specific group can perform actions restricted only to system administrator. This is the effect of an incomplete fix for CVE-2020-10783. The highest...
PT-2021-11172 · Red Hat · Cloudforms
Name of the Vulnerable Software and Affected Versions: Cloudforms versions prior to 5.11.10.1 Description: A role-based privilege escalation flaw exists, allowing the export or import of administrator files. This enables an attacker with a specific group to perform actions restricted to system...
CVE-2020-10783
Red Hat CloudForms 4.7 and 5 is affected by a role-based privilege escalation flaw. An attacker with the EVM-Operator group can perform actions restricted to the EVM-Super-administrator group, leading to exporting or importing administrator files...
Privilege escalation
Red Hat CloudForms 4.7 and 5 is affected by a role-based privilege escalation flaw. An attacker with the EVM-Operator group can perform actions restricted to the EVM-Super-administrator group, leading to exporting or importing administrator files...
CVE-2020-10783
Red Hat CloudForms 4.7 and 5 is affected by a role-based privilege escalation flaw. An attacker with the EVM-Operator group can perform actions restricted to the EVM-Super-administrator group, leading to exporting or importing administrator files...
CVE-2020-10783
CVE-2020-10783 affects Red Hat CloudForms Management Engine (CFME) 4.7/5.0.x; a role-based privilege escalation allowed an attacker with a specific group (EVM-Operator) to perform actions reserved for higher-privileged roles (EVM-Super-administrator), including exporting/importing administrator f...
NetGain Enterprise Manager Arbitrary File Overwrite Vulnerability
Netgain Enterprise Manager is a suite of IT asset monitoring and management software from NetGain Systems, Singapore. A directory traversal vulnerability exists in the org.apache.jsp.u.jsp.cnnic.asset.deviceReport.deviceReport005fexport005fdojsp servlet in NetGain Enterprise Manager, which stems...
NetGain Enterprise Manager Directory Traversal Vulnerability
Netgain Enterprise Manager is a suite of IT asset monitoring and management software from NetGain Systems, Singapore. A directory traversal vulnerability exists in the org.apache.jsp.u.jsp.restore.del005fdojsp servlet in NetGain Enterprise Manager, which originates from a process that fails to...