707 matches found
CVE-2021-46204
Taocms v3.0.2 was discovered to contain an arbitrary file read vulnerability via the path parameter. SQL injection vulnerability via taocms\include\Model\Article.php...
CVE-2021-46203
Taocms v3.0.2 was discovered to contain an arbitrary file read vulnerability via the path parameter...
Design/Logic Flaw
Taocms v3.0.2 was discovered to contain an arbitrary file read vulnerability via the path parameter...
Taocms Path Traversal Vulnerability
Taocms is a micro CMS (content management system) from China. Taocms v3.0.2 contains an arbitrary file read vulnerability that stems from the lack of filtering and restrictions on the software's path parameters; an attacker can use the vulnerability to read arbitrary files...
Design/Logic Flaw
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions the path parameter of the requested URL is not sanitized before being passed to the QT frontend. This path is used in all componen...
CVE-2022-21690
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions the path parameter of the requested URL is not sanitized before being passed to the QT frontend. This path is used in all componen...
CVE-2022-21690 Cross-Site Scripting in Onionshare
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions the path parameter of the requested URL is not sanitized before being passed to the QT frontend. This path is used in all componen...
OnionShare Cross-Site Scripting Vulnerability
OnionShare is an open source tool used to securely and anonymously share files, host websites, and chat with friends using the Tor network. A security vulnerability exists in OnionShare that...
glibc Security Vulnerability
glibc (the GNU C Library) is the C standard library implemented by the GNU Project. A security vulnerability exists in the GNU C Library, also known as glibc, which stems from the use of the deprecated compatibility function svcunix_create in the sunrpc module to copy its path parameter onto the stack...
resteasy: Error message exposes endpoint class information
A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are returned as part of the exception response when RESTEasy cannot convert one of the request URI path or query values to the matching JAX-RS resource method's parameter value. The...
CVE-2021-26615
ARK library allows attackers to execute remote code via the parameterpath value of ArkNormalizeAndDupPAthNameW function because of an integer overflow...
CVE-2021-32482
Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS via the path parameter...
Design/Logic Flaw
Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS via the path parameter...