
4 matches found

Github Security Blog
added 2026/03/16 9:16 p.m., 6 views

File Upload (RCE) Vulnerability in Admidio

Summary: A critical unrestricted file upload vulnerability exists in the Documents & Files module of Admidio. Due to a design flaw in how CSRF token validation and file extension verification interact within UploadHandlerFile.php, an authenticated user with upload permissions can bypass file...

CVSS 8.8 | AI score 6.2 | EPSS 0.00051
Exploits: 1 | References: 4 | Affected Software: 1
Tenable Nessus
added 2025/09/10 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2024-51488

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Ampache is a web-based audio/video streaming application and file manager. The current implementation of token parsing does not adequately validate CSRF tokens...

CVSS 5.4 | AI score 5.5 | EPSS 0.00111
Exploits: 1 | References: 2
OSV
added 2022/05/24 4:55 p.m., 1 views

GHSA-VCR8-H8QP-QJ8H Cross-Site Request Forgery in Jenkins

Jenkins 2.191 and earlier, LTS 2.176.2 and earlier allowed users to obtain CSRF tokens without an associated web session ID, resulting in CSRF tokens that did not expire and could be used to bypass CSRF protection for the anonymous user...

CVSS 8.8 | AI score 7.1 | EPSS 0.00112
Exploits: 0 | References: 7
CNNVD
added 2021/10/21 12:0 a.m., 1 views

GNU Mailman Cross-Site Request Forgery Vulnerability

GNU Mailman is a free suite of software from the GNU community for managing e-mail discussions and e-mail lists. The software integrates with Web projects to make it easy for users to manage email subscription accounts and provides built-in archiving, automatic forwarding processing, content...

CVSS 8.5 | AI score 7.1 | EPSS 0.00614
Exploits: 0 | References: 18