58 matches found
EUVD-2018-7075
Malware in sbrugna...
EUVD-2018-7076
Malware in sbrugna...
EUVD-2017-5826
Malware in sbrugna...
EUVD-2018-8289
Malware in sbrugna...
CVE-2024-33444
SQL injection vulnerability in onethink v.1.1 allows a remote attacker to escalate privileges via a crafted script to the ModelModel.class.php component...
CVE-2024-33443
An issue in onethink v.1.1 allows a remote attacker to execute arbitrary code via a crafted script to the AddonsController.class.php component...
CVE-2018-15198
An issue was discovered in OneThink v1.1. There is a CSRF vulnerability in admin.php?s=/User/add.html that can add a user...
CVE-2018-15197
An issue was discovered in OneThink v1.1. There is a CSRF vulnerability in admin.php?s=/AuthManager/addToGroup.html that can endow administrator privileges...
CVE-2024-33443
An issue in onethink v.1.1 allows a remote attacker to execute arbitrary code via a crafted script to the AddonsController.class.php component...
CVE-2024-33443
An issue in onethink v.1.1 allows a remote attacker to execute arbitrary code via a crafted script to the AddonsController.class.php component...
CVE-2024-33444
SQL injection vulnerability in onethink v.1.1 allows a remote attacker to escalate privileges via a crafted script to the ModelModel.class.php component...
CVE-2024-33444
SQL injection vulnerability in onethink v.1.1 allows a remote attacker to escalate privileges via a crafted script to the ModelModel.class.php component...
OneThink 安全漏洞
OneThink is an open source content management framework. A security vulnerability exists in OneThink version v.1.1, which stems from an arbitrary code execution vulnerability in the AddonsController.class.php component...
CVE-2024-33444
The provided connected sources confirm CVE-2024-33444 affects onethink v1.1, with a SQL injection vulnerability in the ModelModel.class.php component that could allow a remote attacker to escalate privileges. The issue is repeatedly described across NVD/Red Hat/CVE lists and third-party advisorie...
CVE-2024-33443
The CVE-2024-33443 entry concerns onethink v1.1, where a crafted script to AddonsController.class.php enables remote arbitrary code execution. The issue is exposed over the network with low privileges and no user interaction. The available connected sources describe the vulnerable component as Ad...
CVE-2024-33443
An issue in onethink v.1.1 allows a remote attacker to execute arbitrary code via a crafted script to the AddonsController.class.php component...
CVE-2024-33443
An issue in onethink v.1.1 allows a remote attacker to execute arbitrary code via a crafted script to the AddonsController.class.php component...
PT-2024-25264 · Onethink · Onethink
Name of the Vulnerable Software and Affected Versions: onethink version 1.1 Description: A SQL injection issue allows a remote attacker to escalate privileges via a crafted script to the ModelModel.class.php component. Recommendations: For onethink version 1.1, consider restricting access to the...
PT-2024-25263 · Onethink · Onethink
Name of the Vulnerable Software and Affected Versions: onethink version 1.1 Description: An issue in the software allows a remote attacker to execute arbitrary code via a crafted script to the AddonsController.class.php component. Recommendations: For onethink version 1.1, consider disabling acce...
CVE-2024-33444
SQL injection vulnerability in onethink v.1.1 allows a remote attacker to escalate privileges via a crafted script to the ModelModel.class.php component...