30 matches found
XSS Vulnerability in the Original Shopping Network App
Original ecological shopping app is an art shopping software, the goods mainly include a variety of bracelets, Buddha beads, etc., so that you can buy cheaper goods here. XSS vulnerability exists in the original shopping app, which can be exploited by attackers to upload xss code, posing...
CVE-2019-13464
An issue was discovered in OWASP ModSecurity Core Rule Set CRS 3.0.2. Use of X.Filename instead of XFilename can bypass some PHP Script Uploads rules, because PHP automatically transforms dots into underscores in certain contexts where dots are invalid...
CVE-2019-13464
An issue was discovered in OWASP ModSecurity Core Rule Set CRS 3.0.2. Use of X.Filename instead of XFilename can bypass some PHP Script Uploads rules, because PHP automatically transforms dots into underscores in certain contexts where dots are invalid...
Design/Logic Flaw
An issue was discovered in OWASP ModSecurity Core Rule Set CRS 3.0.2. Use of X.Filename instead of XFilename can bypass some PHP Script Uploads rules, because PHP automatically transforms dots into underscores in certain contexts where dots are invalid...
UBUNTU-CVE-2019-13464
An issue was discovered in OWASP ModSecurity Core Rule Set CRS 3.0.2. Use of X.Filename instead of XFilename can bypass some PHP Script Uploads rules, because PHP automatically transforms dots into underscores in certain contexts where dots are invalid...
CVE-2019-13464
An issue was discovered in OWASP ModSecurity Core Rule Set CRS 3.0.2. Use of X.Filename instead of XFilename can bypass some PHP Script Uploads rules, because PHP automatically transforms dots into underscores in certain contexts where dots are invalid...
CVE-2019-13464
An issue was discovered in OWASP ModSecurity Core Rule Set CRS 3.0.2. Use of X.Filename instead of XFilename can bypass some PHP Script Uploads rules, because PHP automatically transforms dots into underscores in certain contexts where dots are invalid...
PT-2019-13349 · Owasp · Owasp Modsecurity Core Rule Set
Name of the Vulnerable Software and Affected Versions: OWASP ModSecurity Core Rule Set CRS version 3.0.2 Description: An issue was discovered where the use of X.Filename instead of X Filename can bypass some PHP Script Uploads rules. This occurs because PHP automatically transforms dots into...
CVE-2018-5341
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: a missing server-side check on the file type/extension when uploading and modifying scripts...
Arbitrary File Upload Vulnerability in New Harvest Technology Creative Portal Information Management System
Creative Portal Management System is a creative information publishing platform applied in the construction of New Harvest Technology. The New Harvest Technology Creative Portal Information Management System has an arbitrary file upload vulnerability that allows attackers to exploit the...