133 matches found
CVE-2021-43675
Lychee-v3 3.2.16 is affected by a Cross Site Scripting XSS vulnerability in php/Access/Guest.php. The function exit will terminate the script and print the message to the user. The message will contain albumID which is controlled by the user...
CVE-2021-43675
Lychee-v3 3.2.16 is affected by a Cross Site Scripting XSS vulnerability in php/Access/Guest.php. The function exit will terminate the script and print the message to the user. The message will contain albumID which is controlled by the user...
Cross site scripting
Lychee-v3 3.2.16 is affected by a Cross Site Scripting XSS vulnerability in php/Access/Guest.php. The function exit will terminate the script and print the message to the user. The message will contain albumID which is controlled by the user...
CVE-2021-43675
Lychee-v3 3.2.16 is affected by a Cross Site Scripting XSS vulnerability in php/Access/Guest.php. The function exit will terminate the script and print the message to the user. The message will contain albumID which is controlled by the user...
CVE-2021-43675
Lychee-v3 3.2.16 is affected by a Cross Site Scripting (XSS) vulnerability in php/Access/Guest.php. The issue arises because the exit path prints a message to the user that includes albumID, which is controllable by the attacker. Affected component: Lychee-v3, version 3.2.16; vulnerable function/...
PT-2021-23904 · Lychee-V3 · Lychee-V3
Name of the Vulnerable Software and Affected Versions: Lychee-v3 version 3.2.16 Description: The issue is related to a Cross Site Scripting XSS vulnerability in the php/Access/Guest.php file. The exit function will terminate the script and print a message to the user, which contains the albumID...
Lychee 跨站脚本漏洞
Lychee is a beautiful and easy to use photo management system open sourced by The Lychee Organisation. Lychee has a cross-site scripting vulnerability, and no details of the vulnerability are available...
Guangzhou Lychee Network Co. Touchmedia News APP has file upload vulnerability
Touchdown News App is a news and information app. A file upload vulnerability exists in Touchmedia News APP by Guangzhou Lychee Network Co. An attacker can exploit the vulnerability to upload arbitrary PHP files and execute arbitrary PHP scripts on a remote server...
Lychee Live AliCloud OSS credentials have information leakage vulnerability
Lychee Live app is an Internet-based interactive live broadcasting platform launched by Guangdong Network Radio and Television. There is an information leakage vulnerability in Lychee Live Aliyun OSS credentials. The vulnerability is caused by credential leakage due to the use of SDK with...
Lychee 'importUrl()' function remote code execution vulnerability
Lychee is a free, open source image management tool. A remote code execution vulnerability exists in Lychee. An attacker could use this vulnerability to execute arbitrary code in the context of an affected application, which could also result in a denial of service...
Lychee 2.7.1 remote code execution
Advisory ID: SGMA15-002 Title: Lychee remote code execution Product: Lychee Version: 2.7.1 and probably prior Vendor: lychee.electerious.com Vulnerability type: Remote Code Execution Risk level: High Credit: Filippo Cavallarin - segment.technology CVE: N/A Vendor notification: 2015-04-12 Vendor...
Lychee 2.7.1 Remote Code Execution Vulnerability
Lychee version 2.7.1 suffers from a remote code execution vulnerability when logged in as an administrator. Title: Lychee remote code execution Product: Lychee Version: 2.7.1 and probably prior Vendor: lychee.electerious.com Vulnerability type: Remote Code Execution Risk level: High Credit: Filip...
Lychee 2.7.1 Remote Code Execution
Advisory ID: SGMA15-002 Title: Lychee remote code execution Product: Lychee Version: 2.7.1 and probably prior Vendor: lychee.electerious.com Vulnerability type: Remote Code Execution Risk level: High Credit: Filippo Cavallarin - segment.technology CVE: N/A Vendor notification: 2015-04-12 Vendor...