PHOENIX CONTACT多款产品 后置链接漏洞

PHOENIX CONTACT AXC F 1152 is a controller device from PHOENIX CONTACT. A backlink vulnerability exists in several PHOENIX CONTACT products, which can be exploited by a low-privilege remote attacker to gain read, write, and execute privileges to arbitrary files on the device by replacing key file...

PHOENIX CONTACT多款产品 后置链接漏洞

PHOENIX CONTACT AXC F 1152 and others are a controller device from PHOENIX CONTACT, Germany. A backlink vulnerability exists in various PHOENIX CONTACT products, which stems from the fact that key files used by the watchdog can be replaced, potentially allowing a low-privileged attacker to gain...

Microsoft PC Manager 后置链接漏洞

Microsoft PC Manager is a computer management software from Microsoft USA that allows one-click acceleration, system space management, pop-up window management, and full health check. Microsoft PC Manager suffers from a backlink vulnerability. An attacker can exploit this vulnerability to elevate...

Microsoft Visual Studio 后置链接漏洞

Microsoft Visual Studio is a family of development tool suites and a largely complete development toolset from Microsoft Corporation USA that includes most of the tools needed throughout the software lifecycle. A backlink vulnerability exists in Microsoft Visual Studio. The following products and...

Microsoft Windows 后置链接漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A backlink vulnerability exists in Microsoft Windows. An attacker could exploit this vulnerability to cause a denial of service. The following products and editions are affected:Windows 1...

Microsoft Windows AppX Deployment Service 后置链接漏洞

Microsoft Windows AppX Deployment Service is a service in Windows from Microsoft Corporation USA that manages the installation, update and uninstallation of Microsoft Store applications. A backlink vulnerability exists in Microsoft Windows AppX Deployment Service. An attacker could exploit the...

Microsoft Windows Update 后置链接漏洞

Microsoft Windows Update is a program update service from Microsoft Corporation USA. A backlink vulnerability exists in Microsoft Windows Update. An attacker could exploit this vulnerability to elevate privileges. The following products and versions are affected:Windows 10 Version 1809 for 32-bit...

sslh 后置链接漏洞

sslh is an application protocol multiplexer by the individual developer Yves Rutschle. A backlink vulnerability exists in versions prior to sslh 2.2.2, which stems from improper link resolution before file access...

Microsoft Windows Installer 后置链接漏洞

Microsoft Windows Installer is a component of the Windows operating system from Microsoft Corporation USA. It provides a standard basis for installing and uninstalling software. A backlink vulnerability exists in Microsoft Windows Installer. An attacker could exploit the vulnerability to elevate...

2BrightSparks SyncBackFree 后置链接漏洞

2BrightSparks SyncBackFree is a file backup software from 2BrightSparks Singapore. 2BrightSparks SyncBackFree suffers from a backlink vulnerability that stems from a link-following issue with the Mirror feature, which could lead to local elevation of privilege...

Realtek Bluetooth HCI Adaptor 后置链接漏洞

Realtek Bluetooth HCI Adaptor is a Bluetooth driver from China-based Realtek Semiconductor Realtek. A backlink vulnerability exists in Realtek Bluetooth HCI Adaptor, which stems from a link-following issue that could lead to arbitrary file deletion and elevation of privilege...

CVE-2024-12714

The Backlink Monitoring Manager WordPress plugin through 0.1.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2023-5641

The Martins Free & Easy SEO BackLink Link Building Network WordPress plugin before 1.2.30 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

Qt 后置链接漏洞

Qt is a cross-platform application development framework from the Qt open source. A backlink vulnerability exists in Qt versions 5.15.18 and earlier, 6.0.0 through 6.5.8, and 6.6.0 through 6.8.1, which stems from improper link resolution and can lead to symbolic link attacks and the use of...

Microsoft PC Manager 后置链接漏洞

Microsoft PC Manager is a computer management software from Microsoft USA that allows one-click acceleration, system space management, pop-up window management, and full health check. Microsoft PC Manager suffers from a backlink vulnerability. An attacker can exploit this vulnerability to elevate...

Microsoft Windows Installer 后置链接漏洞

Microsoft Windows Installer is a component of the Windows operating system from Microsoft Corporation USA. It provides a standard basis for installing and uninstalling software. A backlink vulnerability exists in Microsoft Windows Installer. An attacker could exploit the vulnerability to obtain...

Dell Trusted Device Backlink Vulnerability

Dell Trusted Device is an application from Dell USA. Dell Trusted Device suffers from a backlink vulnerability that stems from improper link resolution and can be exploited by an attacker to cause an elevation of privilege...

Dell Trusted Device 后置链接漏洞

Dell Trusted Device is an application from Dell USA. Dell Trusted Device suffers from a backlink vulnerability that stems from improper link resolution and can be exploited by an attacker to cause an elevation of privilege...

Microsoft Windows Installer 后置链接漏洞

Microsoft Windows Installer is a component of the Windows operating system from Microsoft Corporation USA. It provides a standard basis for installing and uninstalling software. A backlink vulnerability exists in Microsoft Windows Installer. An attacker could exploit the vulnerability to elevate...

Metabase 后置链接漏洞

Metabase is an open source data analytics platform from the US-based Metabase, Inc. A backlink vulnerability exists in Metabase versions prior to v0.52.16.4, prior to v1.52.16.4, prior to v0.53.8, and prior to v1.53.8, which stems from a bypass of the GeoJson endpoint local link access protection...