44 matches found
PT-2024-35793 · Spip · Spip
Name of the Vulnerable Software and Affected Versions: SPIP version 4.3.3 Description: The issue concerns an authenticated arbitrary file upload vulnerability in the Documents module. This allows attackers to execute arbitrary code by uploading a crafted PDF file. There is no information provided...
SPIP 安全漏洞
SPIP is a free software for creating Internet sites from the SPIP open source. A security vulnerability exists in SPIP v4.3.3, which originates from an authenticated arbitrary file upload vulnerability in the Documents module...
CVE-2024-53619
CVE-2024-53619 concerns an authenticated arbitrary file upload in the Documents module of SPIP v4.3.3 that can lead to arbitrary code execution via a crafted PDF upload. The incident is consistently described across multiple sources as affecting SPIP 4.3.3 with an authenticated file upload path, ...
CVE-2024-53619
An authenticated arbitrary file upload vulnerability in the Documents module of SPIP v4.3.3 allows attackers to execute arbitrary code via uploading a crafted PDF file...
BIT-SUITECRM-2020-15300
SuiteCRM through 7.11.13 has an Open Redirect in the Documents module via a crafted SVG document...
The vulnerability of the Documents module in the ABO.CMS system allows a perpetrator to execute arbitrary code.
The vulnerability of the Documents module in the ABO.CMS system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
CVE-2023-46953
SQL Injection vulnerability in ABO.CMS v.5.9.3, allows remote attackers to execute arbitrary code via the d parameter in the Documents module...
CVE-2023-46953
SQL Injection vulnerability in ABO.CMS v.5.9.3, allows remote attackers to execute arbitrary code via the d parameter in the Documents module...
Sql injection
SQL Injection vulnerability in ABO.CMS v.5.9.3, allows remote attackers to execute arbitrary code via the d parameter in the Documents module...
CVE-2023-46953
SQL Injection vulnerability in ABO.CMS v.5.9.3, allows remote attackers to execute arbitrary code via the d parameter in the Documents module...
PT-2023-8180 · Abo.Cms · Abo.Cms
Name of the Vulnerable Software and Affected Versions: ABO.CMS version 5.9.3 Description: The issue is related to a SQL Injection vulnerability in the Documents module of ABO.CMS, which allows remote attackers to execute arbitrary code via the d parameter. This vulnerability is due to the lack of...
Odoo Cross-Site Scripting Vulnerability (CNVD-2020-73762)
Odoo is an open source enterprise management suite , its features cover CRM, sales, purchasing, inventory management , manufacturing , quality management , HR full-featured , financial management , project management , PLM and a series of perfect enterprise information needs . A cross-site...
Odoo 跨站脚本漏洞
Odoo is an open source enterprise management suite , its features cover CRM, sales, purchasing, inventory management , manufacturing , quality management , HR full-featured , financial management , project management , PLM and a series of perfect enterprise information needs . A cross-site...
SuiteCRM Open Redirect Vulnerability
SuiteCRM is a free open source customer relationship management application. An open redirection vulnerability exists in the Documents module in SuiteCRM 7.11.13 and earlier versions. An attacker can exploit this vulnerability to redirect users to arbitrary URLs via specially crafted SVG document...
CVE-2020-15300
SuiteCRM through 7.11.13 has an Open Redirect in the Documents module via a crafted SVG document...
CVE-2020-15300
SuiteCRM through 7.11.13 has an Open Redirect in the Documents module via a crafted SVG document...
Open redirect
SuiteCRM through 7.11.13 has an Open Redirect in the Documents module via a crafted SVG document...
CVE-2020-15300
SuiteCRM through 7.11.13 has an Open Redirect in the Documents module via a crafted SVG document...
CVE-2020-15300
CVE-2020-15300 affects SuiteCRM up to version 7.11.13, with an Open Redirect in the Documents module triggered by a crafted SVG document. The underlying issue is an input/redirect handling weakness in the Documents feature, enabling a user-assisted redirect to an arbitrary URL. Impact is describe...
SuiteCRM 输入验证错误漏洞
SuiteCRM is a free open source customer relationship management application. An open redirection vulnerability exists in the Documents module in SuiteCRM 7.11.13 and earlier versions. An attacker can exploit this vulnerability to redirect users to arbitrary URLs via specially crafted SVG document...