PT-2024-22678 · Unknown · Jumpserver

Name of the Vulnerable Software and Affected Versions: JumpServer versions prior to 3.10.6 Description: The issue allows an authenticated user to exploit the Insecure Direct Object Reference IDOR vulnerability in the file manager's bulk transfer by manipulating job IDs to upload malicious files,...

Huntflow Enterprise 注入漏洞

Huntflow Enterprise is an efficient recruitment software from the Russian company Huntflow. Huntflow Enterprise suffers from an injection vulnerability that stems from an LDAP injection vulnerability in /account/login in Huntflow Enterprise prior to version 3.10.6 that could allow an...