8 matches found
CVE-2026-43936
e107 is a content management system CMS. Prior to 2.3.4, you can access the local environment by specifying the URL of the local environment from "Image/File URL:" of "From a remote location" in "Media Manager" on the administrator screen. This vulnerability is fixed in 2.3.4...
CVE-2026-43936
Summary: CVE-2026-43936 affects the e107 content management system (CMS). Before version 2.3.4, an SSRF flaw in the remote file fetcher can be triggered via the Image/File URL field in Media Manager’s From a remote location, allowing access to local environment resources. The issue is fixed in 2....
CVE-2026-43936
e107 is a content management system CMS. Prior to 2.3.4, you can access the local environment by specifying the URL of the local environment from "Image/File URL:" of "From a remote location" in "Media Manager" on the administrator screen. This vulnerability is fixed in 2.3.4...
EUVD-2026-31847
e107 is a content management system CMS. Prior to 2.3.4, you can access the local environment by specifying the URL of the local environment from "Image/File URL:" of "From a remote location" in "Media Manager" on the administrator screen. This vulnerability is fixed in 2.3.4...
PT-2026-43268
e107 is a content management system CMS. Prior to 2.3.4, you can access the local environment by specifying the URL of the local environment from "Image/File URL:" of "From a remote location" in "Media Manager" on the administrator screen. This vulnerability is fixed in 2.3.4...
The vulnerability of the GE Proficy HMI/SCADA iFIX monitoring tool for technological operations, the client-server application for data processing and control of technological operations (Proficy HMI/SCADA CIMPLICITY), and the Proficy Historian repository lies in the insufficient security of account protection, allowing attackers to obtain user passwords.
The vulnerability of the GE Proficy HMI/SCADA iFIX control system, the client-server application for data processing and control operations, as well as the Proficy HMI/SCADA CIMPLICITY control system and the Proficy Historian repository, is related to insufficiently secure account protection...
Android Arbitrary Code Execution Vulnerability (CNVD-2015-08094)
Android is a mobile operating system based on the Linux open kernel led and developed by Google and the Open Handset Alliance. An arbitrary code execution vulnerability exists in LMY48Z in Google Android 4.4 and 5.x versions prior to 5.1.1, which allows remote attackers to execute arbitrary code ...
Hardcoded credentials
An unspecified servlet in IBM Platform Symphony Developer Edition DE 5.2 and 6.1.x through 6.1.1 has hardcoded credentials, which allows remote attackers to bypass authentication and obtain "local environment" access via unknown vectors...