Apache CloudStack 代码注入漏洞

Apache CloudStack is an IaaS cloud computing platform developed by the Apache Foundation in the United States. This platform is primarily used for deploying and managing large-scale virtual machine networks. Apache CloudStack has a code injection vulnerability, which stems from a lack of filename...

django-mdeditor 访问控制错误漏洞

django-mdeditor is an Editor.md-based Django Markdown editor plugin developed by DeanWu. django-mdeditor has a access control vulnerability, which stems from the lack of key functionality for authentication at the image upload endpoint. This vulnerability allows attackers to upload malicious file...

Uploady 跨站脚本漏洞

Uploady is a modern secure file upload script developed by Faris AL-Otaibi, designed to support multiple file uploads. Versions of Uploady prior to 3.1.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper filename cleaning during the file upload process, whic...

The vulnerability of the implementation of the GPU-based terminal emulator protocol in GPU Kitty relates to the absence of measures to neutralize special elements. This allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the GPU-based terminal emulator’s protocol implementation is related to the lack of filename cleaning when returning error messages. Exploiting this vulnerability can allow remote attackers to gain access to confidential data, compromise its integrity, and cause service...