4 matches found
EUVD-2023-35164
Malicious code in bioql PyPI...
CVE-2023-30804
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an authenticated file disclosure vulnerability. A remote and authenticated attacker can read arbitrary system files using the svpnhtml/loadfile.php endpoint. This issue is exploitable by a remote and unauthenticated...
CVE-2023-30804
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an authenticated file disclosure vulnerability. A remote and authenticated attacker can read arbitrary system files using the svpnhtml/loadfile.php endpoint. This issue is exploitable by a remote and unauthenticated...
Arbitrary file deletion
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an authenticated file disclosure vulnerability. A remote and authenticated attacker can read arbitrary system files using the svpnhtml/loadfile.php endpoint. This issue is exploitable by a remote and unauthenticated...