Important: Red Hat Security Advisory: gupnp security update

An update for gupnp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

ZEROF Web Server SQL注入漏洞

ZEROF Web Server is an open source Web framework that simplifies modern Web development . It allows you to build applications without having to worry about package management or routing. A SQL injection vulnerability exists in ZEROF Web Server version 1.0, which originated when the program allowe...

Bitweaver cross-site scripting vulnerability (CNVD-2021-22577)

Bitweaver is a free, open source web application framework and content management system. A cross-site scripting vulnerability exists in Bitweaver 3.1.0. A remote attacker can exploit this vulnerability to inject JavaScript via the /users/admin/useractivity.php URI...

CVE-2021-21329 Multi Factor Authentication Token Improperly Validated On User Login

RATCF is an open-source framework for hosting Cyber-Security Capture the Flag events. In affected versions of RATCF users with multi factor authentication enabled are able to log in without a valid token. This is fixed in commit cebb67b...

RATCF 授权问题漏洞

RATCF is an open source framework for hosting Cyber-Security Capture the Flag events. RATCF suffers from an authorization issue vulnerability that originates from the fact that a user with multi-factor authentication enabled can log in without a valid token...

Fiber Trust Management Issues Vulnerability (CNVD-2021-13655)

Fiber is an open source web framework written in the Go language . A trust management issue vulnerability exists in FiberHome HG6245D, which arises from the lack of an effective trust management mechanism in a network system or product, and can be exploited by an attacker to attack affected...

Shenzhen Yuanmeng Cloud Technology Co., Ltd. WeiPHP has file reading vulnerability

WeiPHP is an open source microsoft public platform development framework. Shenzhen Yuanmeng Yun Technology Co., Ltd WeiPHP has a file reading vulnerability, which can be exploited by attackers to obtain sensitive information...

AutoGadgetFS - USB Testing Made Easy

What’s AutoGadgetFS ? AutoGadgetFS is an open source framework that allows users to assess USB devices and their associated hosts/drivers/software without an in-depth knowledge of the USB protocol. The tool is written in Python3 and utilizes RabbitMQ and WiFi access to enable researchers to condu...

Jeesite has an XSS vulnerability

JeeSite is an enterprise information technology development infrastructure platform , Java enterprise applications open source framework. Jeesite has an XSS vulnerability that can be exploited by an attacker to obtain an administrator cookie...

Jeesite suffers from an XML entity injection vulnerability

JeeSite is an enterprise information technology development infrastructure platform , Java enterprise applications open source framework. Jeesite has an XML entity injection vulnerability that can be exploited by attackers to obtain sensitive information...

WeiPHP suffers from XSS vulnerability (CNVD-2020-37939)

WeiPHP is a convenient and scalable open source WeChat public platform development framework, using it you can easily build a own WeChat public platform. WeiPHP XSS vulnerability , attackers can use the vulnerability to obtain sensitive information such as user cookies...

SQL Injection Vulnerability in Easy B2C Mall System

Easy B2C mall system is a mall system based on open source framework development. Easy B2C Mall System has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...

Command Execution Vulnerability in WeiPHP 4.0 Pl***.cl***.php Page

WeiPHP is an open source WeChat public platform development framework to build a personal WeChat public account operation platform. A command execution vulnerability exists in the WeiPHP 4.0 Pl.cl.php page, which can be exploited by an attacker to gain administrator privileges...

WeiPHP suffers from an information leakage vulnerability

WeiPHP is an open source WeChat public platform development framework to build a personal WeChat public account operation platform. WeiPHP suffers from an information disclosure vulnerability. An attacker can exploit this vulnerability to obtain sensitive information...

XSS Vulnerability in WeiPHP of Shenzhen Yuanmeng Cloud Technology Co. Ltd (CNVD-2020-28790)

WeiPHP is an open source WeChat public platform development framework to build a personal WeChat public account operation platform. Shenzhen Yuanmeng Yun Technology Co., Ltd WeiPHP exists XSS vulnerability, attackers can use the vulnerability in the case of not logging in by inserting malicious j...

Unauthorized Access Vulnerability in Apache Dubbo

Apache Dubbo is Alibaba's open source service framework that allows applications to achieve high-performance RPC service output and input functions can be integrated with the Spring Framework . Apache Dubbo has an unauthorized access vulnerability that can be exploited by attackers to obtain...

GPAC Code Issue Vulnerability

GPAC is an open source multimedia framework. A code issue vulnerability exists in the 'ilstitemRead' function of the isomedia/boxcodeapple.c file in GPAC versions 0.8.0 and 0.9.0-development-20191109. The vulnerability stems from an improperly designed or implemented code development process for ...

New Facebook Tool Let Users Transfer Their Photos and Videos to Google

Facebook has finally started implementing the open source data portability framework as the first phase of 'Data Transfer Project,' an initiative the company launched last year in collaboration with Google, Apple, Microsoft, and Twitter. Facebook today announced a new feature that will allow its...

New Facebook Tool Let Users Transfer Their Photos and Videos to Google

Facebook has finally started implementing the open source data portability framework as the first phase of 'Data Transfer Project,' an initiative the company launched last year in collaboration with Google, Apple, Microsoft, and Twitter. Facebook today announced a new feature that will allow its...

BoomER - Framework For Exploiting Local Vulnerabilities

BoomER is an open source framework, developed in Python. The tool is focused on post-exploitation, with a main objective, the detection and exploitation of local vulnerabilities, as well as the collection of information from a system, such as the installed applications they have. The framework...