RPi-Jukebox-RFID 操作系统命令注入漏洞

RPi-Jukebox-RFID is a contactless jukebox for the Raspberry Pi from the individual developers at Micz Flor in Germany. It plays audio files, playlists, podcasts, web streams and spotify triggered by the RFID card. An operating system command injection vulnerability exists in RPi-Jukebox-RFID...

DanWin hosting var/www/html/files.php cross-site request forgery vulnerability

DanWin hosting is a TOR-based installation program for shared hosting servers. A cross-site request forgery vulnerability exists in the var/www/html/files.php file in DanWin hosting 2018-02-11 and earlier versions. A remote attacker can use this vulnerability to add/delete/change arbitrary files ...