CVE-2023-52823

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority for the following reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

WWBN AVideo Code Issue Vulnerability

WWBN AVideo is a video platform builder written in PHP by the WWBN team. WWBN AVideo suffers from a code issue that stems from an unrestricted php file upload vulnerability in the temporary copy method of the import.json.php page...

DEBIAN-CVE-2021-3816

Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary HTML in the groupprefix field during the creation of a new group via "Copy" method at usergroupadmin.php...

DEBIAN-CVE-2021-23225

Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary web script or HTML in the "newusername" field during creation of a new user via "Copy" method at useradmin.php...

UBUNTU-CVE-2021-23225

Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary web script or HTML in the "newusername" field during creation of a new user via "Copy" method at useradmin.php...

UBUNTU-CVE-2021-3816

Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary HTML in the groupprefix field during the creation of a new group via "Copy" method at usergroupadmin.php...

CVE-2021-3816

Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary HTML in the groupprefix field during the creation of a new group via "Copy" method at usergroupadmin.php...

CVE-2021-23225

Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary web script or HTML in the "newusername" field during creation of a new user via "Copy" method at useradmin.php...

Design/Logic Flaw

Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary HTML in the groupprefix field during the creation of a new group via "Copy" method at usergroupadmin.php...

Cacti 跨站脚本漏洞

Cacti is an open source set of network traffic monitoring and analysis tools from the Cacti team. The tool obtains data via snmpget, uses RRDtool drawing graphs for analysis, and provides data and user management features. a cross-site scripting vulnerability exists in Cacti, which stems from Cac...

Cacti 跨站脚本漏洞

Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool uses snmpget to obtain data, uses RRDtool to draw graphs for analysis, and provides data and user management features. cross-site scripting vulnerability exists in Cacti, which stems from the...

CVE-2021-26612

An improper input validation leading to arbitrary file creation was discovered in copy method of Nexacro platform. Remote attackers use copy method to execute arbitrary command after the file creation included malicious code...

Tobesoft Nexacro 输入验证错误漏洞

Tobesoft Nexacro is a unified framework-based OSMU single-source multi-purpose application development solution from Tobesoft, South Korea. Nexacro 17 suffers from a security vulnerability that stems from an arbitrary file creation due to incorrect input validation found in the copy method of the...

GHSA-8MRF-64FW-2X75 Command injection in fs-path

fs-path node module before 0.0.25 is vulnerable to command injection by way of user-supplied inputs via the copy, copySync, remove, and removeSync methods...

CVE-2020-17361

An issue was discovered in ReadyTalk Avian 1.2.0. The vm::arrayCopy method defined in classpath-common.h returns silently when a negative length is provided instead of throwing an exception. This could result in data being lost during the copy, with varying consequences depending on the subsequen...