14 matches found
EUVD-2024-45812
Malicious code in bioql PyPI...
CVE-2024-52004
MediaCMS is an open source video and media CMS, written in Python/Django and React, featuring a REST API. MediaCMS has been prone to vulnerabilities that upon special cases can lead to remote code execution. All versions before v4.1.0 are susceptible, and users are highly recommended to upgrade...
The vulnerability of the MediaCMS content management system, related to incorrect authorization, allows a hacker to delete directories in the file system and replace the content of user’s files.
The vulnerability of the MediaCMS content management system is related to incorrect authorization. Exploiting this vulnerability allows a malicious actor to delete directories in the file system and replace the content of user’s files...
The vulnerability of the MediaCMS content management system lies in its lack of measures to neutralize special elements used in the operating system’s command set. This allows attackers to execute arbitrary operating system commands, gain control over resources, and penetrate the internal network.
The vulnerability of the MediaCMS content management system is related to the lack of measures taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary operating system commands remotely, gain...
CVE-2024-52004
MediaCMS is an open source video and media CMS, written in Python/Django and React, featuring a REST API. MediaCMS has been prone to vulnerabilities that upon special cases can lead to remote code execution. All versions before v4.1.0 are susceptible, and users are highly recommended to...
CVE-2024-52004
CVE-2024-52004 affects MediaCMS (Python/Django + React, REST API). Root cause: insufficient input validation during media upload, allowing remote code execution under specific conditions when the portal permits uploading content. Affected versions: all prior to 4.1.0; patched in 4.1.0. Practical ...
CVE-2024-52004 Remote code execution vulnerabilities in MediaCMS
MediaCMS is an open source video and media CMS, written in Python/Django and React, featuring a REST API. MediaCMS has been prone to vulnerabilities that upon special cases can lead to remote code execution. All versions before v4.1.0 are susceptible, and users are highly recommended to...
CVE-2024-52004 Remote code execution vulnerabilities in MediaCMS
MediaCMS is an open source video and media CMS, written in Python/Django and React, featuring a REST API. MediaCMS has been prone to vulnerabilities that upon special cases can lead to remote code execution. All versions before v4.1.0 are susceptible, and users are highly recommended to...
CVE-2024-52004 Remote code execution vulnerabilities in MediaCMS
MediaCMS is an open source video and media CMS, written in Python/Django and React, featuring a REST API. MediaCMS has been prone to vulnerabilities that upon special cases can lead to remote code execution. All versions before v4.1.0 are susceptible, and users are highly recommended to...
MediaCMS injection vulnerability
MediaCMS is a modern, full-featured open source video and media CMS from MediaCMS Open Source. An injection vulnerability exists in MediaCMS prior to version 4.1.0, which stems from the fact that it could lead to remote code execution under specific circumstances...
PT-2024-42: Insufficient authorization in MediaCMS
The vulnerability was identified in MediaCMS, versions 4.1.0. The discovered vulnerability can be exploited by an authorized attacker to delete any directory in the file system knowing its absolute path, as well as substitute the contents of any user file. Vulnerability status: Confirmed by vendo...
PT-2024-43: Remote code execution (RCE) in MediaCMS
The vulnerability was identified in MediaCMS, versions 4.1.0. The discovered vulnerability allows an attacker to execute OS commands on a vulnerable host, gain control over resources, and penetrate the internal network. Vulnerability status: Confirmed by vendor Date of vulnerability remediation:...
PT-2023-9690 · Mediacms · Mediacms
Name of the Vulnerable Software and Affected Versions: MediaCMS affected versions not specified Description: The issue is related to improper authorization in the MediaCMS content management system. It allows a remote attacker to delete directories in the file system and replace user file content...
TurnkeyForms Entertainment Portal 2.0 - Insecure Cookie Handling