7 matches found
Plainpad 安全漏洞
Plainpad is a self-hosted note-taking application by the individual developer Alex Tselegidis. A security vulnerability exists in Plainpad versions prior to 1.1.1, which stems from allowing a low-privileged user to self-elevate to administrator via the admin parameter in a PUT request, potentiall...
Backdrop CMS 跨站脚本漏洞
Backdrop CMS is a content management system CMS from Backdrop CMS open source. A cross-site scripting vulnerability exists in Backdrop CMS versions prior to 1.x-1.1.1, which stems from insufficient input cleanup and could lead to cross-site scripting attacks...
PT-2024-40157 · Github · Github-Slug-Action
Name of the Vulnerable Software and Affected Versions: github-slug-action versions prior to 1.1.1 github-slug-action versions prior to 2.1.1 Description: The issue is related to the use of set-env runner commands processed via stdout. It is recommended to upgrade to a version that uses the...
PT-2023-27863 · Answer +3 · Answer +2
Name of the Vulnerable Software and Affected Versions: answer versions prior to 1.1.1 Description: The issue concerns a Missing Authorization vulnerability. Recommendations: For versions prior to 1.1.1, update to version 1.1.1 or later to resolve the issue...
PT-2022-23305 · Digitialpixies · Oauth Client
Name of the Vulnerable Software and Affected Versions: OAuth Client by DigitialPixies WordPress plugin versions prior to 1.1.1 Description: The issue allows high-privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This can occur even when the unfiltered html capabilit...
Unspecified Vulnerability in PowerMux
PowerMux is an application software. http. ServeMux has all the missing features of Go's replacement. Versions of PowerMux prior to 1.1.1 contain a security vulnerability that allows attackers to craft phishing links and other open redirects by exploiting the trailing slash redirection feature...
Code injection
Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5...