
91 matches found

CNNVD
added 2022/10/31 12:0 a.m. · 6 views

WordPress plugin Smart Slider code issue vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code issue vulnerability exists in...

CVSS 8.8 · AI score 8.1 · EPSS 0.27109
Exploits 3 · References 2
CNNVD
added 2022/10/31 12:0 a.m. · 2 views

WordPress plugin Easy WP SMTP code issue vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code issue vulnerability...

CVSS 7.2 · AI score 7.2 · EPSS 0.00901
Exploits 2 · References 2
OSV
added 2022/10/25 5:15 p.m. · 2 views

CVE-2022-35268

A denial of service vulnerability exists in the webserver hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability. This denial of service is in the...

CVSS 7.5 · AI score 5.8 · EPSS 0.00449
Exploits 1 · References 1
OSV
added 2022/10/25 5:15 p.m. · 1 views

CVE-2022-35263

A denial of service vulnerability exists in the webserver hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability. This denial of service is in the...

CVSS 7.5 · AI score 5.8
Exploits 0 · References 1
Positive Technologies
added 2022/10/25 12:0 a.m. · 2 views

PT-2022-22667 · Robustel · Robustel R1510

Name of the Vulnerable Software and Affected Versions: Robustel R1510 versions 3.1.16 through 3.3.0 Description: A denial of service issue exists in the web server hashFirst functionality. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of reques...

CVSS 7.5 · AI score 5.3 · EPSS 0.00347
Exploits 1 · References 4
CNNVD
added 2022/09/21 12:0 a.m. · 3 views

WordPress plugin Import any XML or CSV File code issue vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVSS 9.1 · AI score 7.5 · EPSS 0.05518
Exploits 0 · References 3
CNNVD
added 2022/06/30 12:0 a.m. · 3 views

Robustel R1510 operating system command injection vulnerability

The Robustel R1510 is an industrial VPN router from Robustel China. The Robustel R1510 is vulnerable to an operating system command injection vulnerability, which stems from the fact that specially crafted network packets can be subject to a command injection vulnerability in the...

CVSS 9.8 · AI score 6 · EPSS 0.00914
Exploits 1 · References 4
Positive Technologies
added 2021/12/24 12:0 a.m. · 4 views

PT-2021-24246 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions through 1.37 Description: The issue concerns a problem where the Special:ImportFile URI, also known as FileImporter, in MediaWiki allows for cross-site scripting (XSS) attacks. This is demonstrated through the clientUrl...

CVSS 8.8 · AI score 5.9 · EPSS 0.01215
Exploits 5 · References 50
CVE
added 2021/12/09 10:35 p.m. · 41 views

CVE-2021-43802

CVE-2021-43802 affects Etherpad Lite versions before 1.8.16. An attacker can import a crafted .etherpad file to gain admin privileges, enabling installation of a malicious plugin that can execute arbitrary code. Privilege gain relies on triggering or waiting for old express-session state to be de...

CVSS 9.9 · AI score 9 · EPSS 0.00529
Exploits 0 · References 4 · Affected Software 1
OSV
added 2021/05/10 8:15 p.m. · 0 views

UBUNTU-CVE-2020-28600

An out-of-bounds write vulnerability exists in the importstl.cc:importstl functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

CVSS 8.8 · AI score 7.2 · EPSS 0.00696
Exploits 1 · References 3
CNNVD
added 2021/05/06 12:0 a.m. · 0 views

WordPress cross-site request forgery vulnerability

WordPress is a blogging platform developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in WordPress Business Directory Plugin versions...

CVSS 6.5 · AI score 5.6 · EPSS 0.00121
Exploits 2 · References 2
NVD
added 2021/04/02 5:15 p.m. · 14 views

CVE-2021-22201

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.9. A specially crafted import file could read files on the server...

CVSS 9.6 · EPSS 0.0899
Exploits 1 · References 3
OSV
added 2021/04/02 5:15 p.m. · 0 views

UBUNTU-CVE-2021-22201

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.9. A specially crafted import file could read files on the server...

CVSS 9.6 · AI score 5.7 · EPSS 0.0899
Exploits 1 · References 5
Prion
added 2021/04/02 5:15 p.m. · 15 views

Design/Logic Flaw

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.9. A specially crafted import file could read files on the server...

CVSS 4 · AI score 6.1 · EPSS 0.0899
Exploits 1 · References 3 · Affected Software 1
Cvelist
added 2021/04/02 4:17 p.m. · 21 views

CVE-2021-22201

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.9. A specially crafted import file could read files on the server...

CVSS 9.6 · AI score 9.3 · EPSS 0.0899
Exploits 1 · References 3
Debian CVE
added 2021/04/02 4:17 p.m. · 22 views

CVE-2021-22201

Removed by vendor...

CVSS 9.6 · AI score 6.9 · EPSS 0.0899
Exploits 1
Positive Technologies
added 2021/04/02 12:0 a.m. · 2 views

PT-2021-14912 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.9 and later Description: An issue has been discovered in GitLab CE/EE where a specially crafted import file could read files on the server. Recommendations: For GitLab CE/EE versions 13.9 and later, consider restricti...

CVSS 9.6 · AI score 6.2 · EPSS 0.0899
Exploits 1 · References 12
CNNVD
added 2021/04/02 12:0 a.m. · 3 views

GitLab security vulnerability

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to view the contents of a project's files, commit history, bug lists, and more. A security vulnerability exists in GitLab CE/EE...

CVSS 9.6 · AI score 7 · EPSS 0.0899
Exploits 1 · References 4
Positive Technologies
added 2021/02/24 12:0 a.m. · 2 views

PT-2021-11569 · Openscad · Openscad

Name of the Vulnerable Software and Affected Versions: Openscad version openscad-2020.12-RC2 Description: A stack-based buffer overflow vulnerability exists in the import stl.cc:import stl functionality. This vulnerability can be triggered by a specially crafted STL file, potentially leading to...

CVSS 8.8 · AI score 8.3 · EPSS 0.01358
Exploits 1 · References 25
NVD
added 2020/11/18 9:15 p.m. · 9 views

CVE-2020-15301

SuiteCRM through 7.11.13 allows CSV Injection via registration fields in the Accounts, Contacts, Opportunities, and Leads modules. These fields are mishandled during a Download Import File Template operation...

CVSS 7.8 · AI score 7.9 · EPSS 0.00273
Exploits 0 · References 1