76 matches found
PT-2024-25124 · Roothub · Roothub
Name of the Vulnerable Software and Affected Versions: Roothub version 2.6 Description: The issue is related to a SQL injection vulnerability. This vulnerability occurs via the topic parameter in the list function. Recommendations: For Roothub version 2.6, consider restricting the use of the list...
CVE-2024-33124
Roothub v2.6 was discovered to contain a SQL injection vulnerability via the nodeTitle parameter in the parentNode function...
CVE-2024-33122
CVE-2024-33122 affects Roothub v2.6. A SQL injection vulnerability exists in the list() function via the topic parameter, caused by unsafe SQL construction. CVSS 3.1 base score 6.3 (Medium) with Low impact across confidentiality, integrity, and availability. No exploits details are provided in th...
CVE-2024-33120
Roothub v2.5 was discovered to contain an arbitrary file upload vulnerability via the customPath parameter in the upload function. This vulnerability allows attackers to execute arbitrary code via a crafted JSP file...
CVE-2024-33121
Roothub v2.6 was discovered to contain a SQL injection vulnerability via the 's' parameter in the search function...
CVE-2024-33121
Roothub v2.6 was discovered to contain a SQL injection vulnerability via the 's' parameter in the search function...
Roothub 安全漏洞
Roothub is a forum system developed using SSM and MySQL. A security vulnerability exists in Roothub v2.6, which was discovered to contain an SQL injection vulnerability via the "s" parameter in the search function...
CVE-2024-33121
CVE-2024-33121 affects Roothub v2.6, where the SQL injection vulnerability exists in the search() function through the 's' parameter. Exploitation details are not provided in the documents, but multiple sources corroborate an SQL injection issue in Roothub v2.6. The CVSS v3.1 base score is 6.3 (M...
CVE-2024-33121
Roothub v2.6 was discovered to contain a SQL injection vulnerability via the 's' parameter in the search function...
PT-2024-25123 · Roothub · Roothub
Name of the Vulnerable Software and Affected Versions: Roothub version 2.6 Description: A SQL injection issue was discovered in Roothub via the s parameter in the search function. This allows for potential exploitation. No information is provided about the estimated number of potentially affected...
CVE-2024-33121
Roothub v2.6 was discovered to contain a SQL injection vulnerability via the 's' parameter in the search function...
kernel: xhci: Fix null pointer dereference in remove if xHC has only one roothub
In the Linux kernel, the following vulnerability has been resolved: xhci: Fix null pointer dereference in remove if xHC has only one roothub The remove path in xhci platform driver tries to remove and put both main and shared hcds even if only a main hcd exists one roothub This causes a null...
GSD-2022-1004987 xhci: Fix null pointer dereference in remove if xHC has only one roothub
xhci: Fix null pointer dereference in remove if xHC has only one roothub This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.8 by commit...
Roothub SQL Injection Vulnerability (CNVD-2022-44243)
Roothub is a forum system developed using SSM and MySQL.Roothub suffers from a SQL injection vulnerability, which stems from the lack of validation of external input SQL statements in the s parameter of the Topics Searching feature, and can be exploited by attackers to execute illegal SQL command...
Roothub directory traversal vulnerability
Roothub is a forum system developed using SSM and MySQL. version 2.6.0 of Roothub is vulnerable to a directory traversal vulnerability that stems from a failure to properly filter resource or file paths in the file cn/roothub/store/FileSystemStorageService in the function store in the function...
Roothub SQL Injection Vulnerability
Roothub is a forum system developed using SSM and MySQL.Roothub is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in the s parameter of the Topics Counting feature, and can be exploited by attackers to execute illegal SQL commands to steal...
CVE-2022-28052
Directory Traversal vulnerability in file cn/roothub/store/FileSystemStorageService in function store in Roothub 2.6.0 allows remote attackers with low privlege to arbitrarily upload files via /common/upload API, which could lead to remote arbitrary code execution...
CVE-2022-28052
Directory Traversal vulnerability in file cn/roothub/store/FileSystemStorageService in function store in Roothub 2.6.0 allows remote attackers with low privlege to arbitrarily upload files via /common/upload API, which could lead to remote arbitrary code execution...
CVE-2022-28052
Directory Traversal vulnerability in file cn/roothub/store/FileSystemStorageService in function store in Roothub 2.6.0 allows remote attackers with low privlege to arbitrarily upload files via /common/upload API, which could lead to remote arbitrary code execution...
Directory traversal
Directory Traversal vulnerability in file cn/roothub/store/FileSystemStorageService in function store in Roothub 2.6.0 allows remote attackers with low privlege to arbitrarily upload files via /common/upload API, which could lead to remote arbitrary code execution...