32 matches found
Open WebUI 安全漏洞
Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.9.5 contained security vulnerabilities. These vulnerabilities stemmed from a lack of workspace.tools permission checks at the tool update endpoint, which could allow...
CVE-2025-10313
The Find And Replace content for WordPress plugin for WordPress is vulnerable to unauthorized Stored Cross-Site Scripting and Arbitrary Content Replacement due to a missing capability check on the faradminajaxfun function in all versions up to, and including, 1.1. This makes it possible for...
CVE-2025-10313
The Find And Replace content for WordPress plugin for WordPress is vulnerable to unauthorized Stored Cross-Site Scripting and Arbitrary Content Replacement due to a missing capability check on the faradminajaxfun function in all versions up to, and including, 1.1. This makes it possible for...
EUVD-2025-34541
The Find And Replace content for WordPress plugin for WordPress is vulnerable to unauthorized Stored Cross-Site Scripting and Arbitrary Content Replacement due to a missing capability check on the faradminajaxfun function in all versions up to, and including, 1.1. This makes it possible for...
CVE-2025-10313
CVE-2025-10313 Find And Replace content for WordPress – unauthenticated Stored Cross-Site Scripting and Arbitrary Content Replacement due to missing capability check in far_admin_ajax_fun() for versions
CVE-2025-10313 Find And Replace content for WordPress <= 1.1 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting
The Find And Replace content for WordPress plugin for WordPress is vulnerable to unauthorized Stored Cross-Site Scripting and Arbitrary Content Replacement due to a missing capability check on the faradminajaxfun function in all versions up to, and including, 1.1. This makes it possible for...
CVE-2025-10313 Find And Replace content for WordPress <= 1.1 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting
The Find And Replace content for WordPress plugin for WordPress is vulnerable to unauthorized Stored Cross-Site Scripting and Arbitrary Content Replacement due to a missing capability check on the faradminajaxfun function in all versions up to, and including, 1.1. This makes it possible for...
EUVD-1999-0979
Malware in sbrugna...
EUVD-2024-2231
Malicious code in bioql PyPI...
EUVD-2021-31660
Malicious code in bioql PyPI...
The vulnerability of the MediaCMS content management system, related to incorrect authorization, allows a hacker to delete directories in the file system and replace the content of user’s files.
The vulnerability of the MediaCMS content management system is related to incorrect authorization. Exploiting this vulnerability allows a malicious actor to delete directories in the file system and replace the content of user’s files...
CVE-2024-40547
PublicCMS v4.0.202302.e was discovered to contain an arbitrary file content replacement vulnerability via the component /admin/cmsTemplate/replace...
CVE-2024-40547
PublicCMS v4.0.202302.e was discovered to contain an arbitrary file content replacement vulnerability via the component /admin/cmsTemplate/replace...
BIT-MEDIAWIKI-2021-44857
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. It is possible to use action=mcrundo followed by action=mcrrestore to replace the content of any arbitrary page that the user doesn't have edit rights for. This applies to any public wiki, or a...
CVE-2021-44857
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. It is possible to use action=mcrundo followed by action=mcrrestore to replace the content of any arbitrary page that the user doesn't have edit rights for. This applies to any public wiki, or a...
UBUNTU-CVE-2021-44857
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. It is possible to use action=mcrundo followed by action=mcrrestore to replace the content of any arbitrary page that the user doesn't have edit rights for. This applies to any public wiki, or a...
CVE-2021-44857
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. It is possible to use action=mcrundo followed by action=mcrrestore to replace the content of any arbitrary page that the user doesn't have edit rights for. This applies to any public wiki, or a...
CVE-2021-44857
CVE-2021-44857 affects MediaWiki up to: 1.35.4? (note: listed as 1.35.5, 1.36.x before 1.36.3, 1.37.x before 1.37.1). The issue allows an attacker to use action=mcrundo followed by action=mcrrestore to replace the content of any arbitrary page, even if the user lacks edit rights on that page, app...
CVE-2021-44857
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. It is possible to use action=mcrundo followed by action=mcrrestore to replace the content of any arbitrary page that the user doesn't have edit rights for. This applies to any public wiki, or a...
The vulnerability of Microsoft SharePoint Server packages, related to the lack of integrity checks, allows attackers to gain unauthorized access to protected information.
The vulnerability of Microsoft SharePoint Server packages is related to the lack of integrity checks. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information by replacing the content of files during the download of updates...