3 matches found
Drupal Panels module < 4.9.0 - Unauthenticated Broken Access Control vulnerability
Unauthenticated Broken Access Control vulnerability discovered by Manuel Adán manuel.adan in WordPress Module Panels versions 4.9.0...
CVE-2024-47563
A vulnerability has been identified in SINEC Security Monitor All versions V4.9.0. The affected application does not properly validate a file path that is supplied to an endpoint intended to create CSR files. This could allow an unauthenticated remote attacker to create files in writable...
AZL-26247 CVE-2023-29383 affecting package shadow-utils for versions less than 4.9-13
In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn change finger. Although it is not possible to exploit this directly e.g., adding a new user fails because \n is in the block list, it is possible to misrepresent the /etc/passwd file when...