7 matches found
FoxCMS 注入漏洞
FoxCMS is a free commercial open source content management system from China Qianxu FoxCMS. FoxCMS 1.2.5 and previous versions exist injection vulnerability, the vulnerability stems from the file app/admin/controller/Download.php in the parameter ids of the wrong operation leads to SQL injection...
GHSA-8FJR-HGHR-4M99 Archive spoofing vulnerability in borgbackup
Impact A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack requires an attacker to be able to 1. insert files with no additional headers into backups 2. gain write acce...
BorgBackup 数据伪造问题漏洞
BorgBackup is an archiving program that performs deduplication through compression and encryption. A data forgery issue vulnerability exists in BorgBackup versions prior to 1.2.5, which stems from a flaw in the cryptographic authentication scheme in BorgBackup that allows an attacker to forge an...
CVE-2019-1841
A vulnerability in the Software Image Management feature of Cisco DNA Center could allow an authenticated, remote attacker to access to internal services without additional authentication. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this...
CVE-2019-1707
A vulnerability in the web-based management interface of Cisco DNA Center could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of...
DEBIAN-CVE-2017-8114
Roundcube Webmail allows arbitrary password resets by authenticated users. This affects versions before 1.0.11, 1.1.x before 1.1.9, and 1.2.x before 1.2.5. The problem is caused by an improperly restricted exec call in the virtualmin and sasl drivers of the password plugin...
WordPress Easy WP SMTP Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed using the PHP language that allows users to set up their own websites on servers that support PHP and MySQL databases. WordPress can also be used as a content management system CMS. A cross-site scripting vulnerability exists in WordPress Easy WP SMTP...