3 matches found
Frappe Learning 跨站脚本漏洞
Frappe Learning is an easy-to-use open source learning management system from Frappe Open Source. A cross-site scripting vulnerability exists in Frappe Learning version 2.34.1 and prior versions, which stems from not adequately cleaning up uploaded content in personal profiles, and could lead to ...
DoWISP 操作系统命令注入漏洞
DoWISP is a full-service cloud-based management software for Internet Service Providers ISPs from DoWISP, Inc. An operating system command injection vulnerability exists in DoWISP versions prior to 1.16.2.50, which stems from the fact that uploading a malicious profile picture in SVG format can...
CVE-2017-14704
Multiple unrestricted file upload vulnerabilities in the 1 imageSubmit and 2 proofsubmit functions in Claydip Laravel Airbnb Clone 1.0 allow remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in...