PT-2023-29142 · Seacms · Seacms
Name of the Vulnerable Software and Affected Versions: SeaCMS version 12.9 Description: The issue is related to an arbitrary file write vulnerability. It affects the component admin_smtp.php. Recommendations: For SeaCMS version 12.9, consider disabling access to the admin_smtp.php component until...
CVE-2023-43216
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component admin_ip.php...
CVE-2023-44171
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component admin_smtp.php...
PT-2023-29141 · Seacms · Seacms
Name of the Vulnerable Software and Affected Versions: SeaCMS version 12.9 Description: The issue is related to an arbitrary file write vulnerability. This vulnerability is present in the admin_ping.php component. Recommendations: For SeaCMS version 12.9, consider disabling access to the admin...
PT-2023-28733 · Seacms · Seacms
Name of the Vulnerable Software and Affected Versions: SeaCMS version 12.9 Description: The issue is related to an arbitrary file write vulnerability. This vulnerability is present in the component admin_ip.php. Recommendations: For SeaCMS version 12.9, consider disabling access to the admin_ip.p...
CVE-2023-44170
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component admin_ping.php...
CVE-2023-44169
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component admin_notify.php...
CVE-2023-44169
SeaCMS v12.9 is affected by CVE-2023-44169, a high-severity arbitrary file write vulnerability in the admin_notify.php component. The CVSSv3.1 base score is 9.8 (CRITICAL) with Network attack vector, no privileges required, and no user interaction. Impact spans confidentiality, integrity, and ava...
CVE-2023-44171
CVE-2023-44171 affects SeaCMS v12.9, with an arbitrary file write vulnerability in the admin_smtp.php component. The advisory notes a network-accessible, unauthenticated flaw (CVSS: 9.8, HIGH impact; Confidentiality/Integrity/Availability all High). Exploitation details are not provided in the pr...
CVE-2023-43216
SeaCMS v12.9 contains an arbitrary file write vulnerability in the admin_ip.php component. Affected: SeaCMS 12.9; vulnerability type: arbitrary file write (root cause not further clarified in the provided documents). Impact indicators from CVSS 3.1: Critical (9.8), Network attack vector, no privi...
CVE-2023-44172
SeaCMS 12.9 contains an arbitrary file write vulnerability in the admin_weixin.php component. The CVE-2023-44172 entry is supported by multiple sources (NVD, Red Hat, CNNVD, cve.org/etc.), citing a high-severity issue with CVSS 3.1 base score 9.8 (CRITICAL) and a network-exposed, no-auth, high-im...
PT-2023-29139 · Seacms · Seacms
Name of the Vulnerable Software and Affected Versions: SeaCMS version 12.9 Description: The issue is related to an arbitrary file write vulnerability. This vulnerability is present in the component admin_notify.php. Recommendations: For SeaCMS version 12.9, consider disabling access to the admin...
CVE-2023-44170
CVE-2023-44170 affects SeaCMS v12.9, via the admin_ping.php component, enabling an arbitrary file write. The issue is classified with CVSS 3.1 base score 9.8 (CRITICAL) with network attack vector, low complexity, no privileges required, and requires no user interaction; impact to confidentiality,...
CVE-2023-44172
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component admin_weixin.php...
PT-2023-29143 · Seacms · Seacms
Name of the Vulnerable Software and Affected Versions: SeaCMS version 12.9 Description: The issue is related to an arbitrary file write vulnerability. It affects the component admin_weixin.php, allowing for potential unauthorized file modifications. Recommendations: For SeaCMS version 12.9,...
Path Traversal
NATS nats-server is vulnerable to Path Traversal. The vulnerability is caused by a missing validation check while constructing filenames for account synchronization, which happens in the system account, allowing arbitrary file write as the user running NATS by anyone who can publish arbitrary...
Tenable Nessus < 10.5.5 Multiple Vulnerabilities (TNS-2023-31)
According to its self-reported version, the Tenable Nessus application running on the remote host is prior to 10.5.5. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-31 advisory. - A pass-back vulnerability exists where an authenticated, remote attacker with...
[R2] Nessus Version 10.5.5 Fixes Multiple Vulnerabilities
Arnie Cabral, Thu, 09/21/2023 - 10:55. A pass-back vulnerability exists where an authenticated, remote attacker with administrator privileges could uncover stored SMTP credentials within the Nessus application. - CVE-2023-3251 An arbitrary fil...
DEBIAN-CVE-2023-4759
Arbitrary File Overwrite in Eclipse JGit <= 6.6.0. In Eclipse JGit, all versions <= 6.6.0.202305301015-r, a symbolic link present in a specially crafted git repository can be used to write a file to locations outside the working tree when this repository is cloned with JGit to a case-insensitive...