5 matches found
PT-2024-34259 · Unknown · Woocommerce Product Design
Name of the Vulnerable Software and Affected Versions: WooCommerce Product Design versions prior to 1.0.0 Description: The issue allows for the unrestricted upload of files with dangerous types, potentially enabling an attacker to upload a web shell to a web server. Recommendations: For versions...
TechExcel Back Office Software 安全漏洞
TechExcel Back Office Software is a back office software from TechExcel, Inc. A security vulnerability exists in versions of TechExcel Back Office Software prior to 1.0.0 that stems from improper access control on certain API endpoints and could allow an authenticated, remote attacker to gain...
EverShop Security Breach
EverShop is a NodeJS e-commerce platform open-sourced by EverShop. A security vulnerability exists in EverShop versions prior to 1.0.0-rc.8, which stems from the presence of a directory traversal vulnerability that allows remote attackers to obtain sensitive information via a crafted request...
CVE-2022-23942 Apache Doris hardcoded cryptography initialization
Apache Doris, prior to 1.0.0, used a hardcoded key and IV to initialize the cipher used for ldap password, which may lead to information disclosure...
Atlassian Companion app code issue vulnerability
The Atlassian Companion app is an application from Atlassian Australia that enables users to edit Confluence files in their preferred desktop application. A code issue vulnerability exists in the file editing functionality in versions of the Atlassian Companion app prior to 1.0.0. A local attacke...