110 matches found

Positive Technologies
added 2023/01/27 12:0 a.m. · 2 views

PT-2023-12374 · Unknown · Openmage Lts

Name of the Vulnerable Software and Affected Versions: OpenMage LTS versions prior to 19.4.22; OpenMage LTS versions prior to 20.0.19. Description: The issue affects OpenMage LTS, an e-commerce platform. Magento admin users with access to the customer media could execute code on the server...

CVSS 7.2 · AI score 7.1 · EPSS 0.01224
Exploits: 0 · References: 9

CNNVD
added 2023/01/27 12:0 a.m. · 1 view

OpenMage Magento Lts Path Traversal Vulnerability

OpenMage Magento Lts Magento is an e-commerce system organized by OpenMage. A path traversal vulnerability exists in OpenMage LTS versions 19.4.22 through 20.0.19, which arises because a Magento administrator user with privileged access to client media can execute code on the server...

CVSS 7.2 · AI score 7.2 · EPSS 0.01224
Exploits: 0 · References: 5

Positive Technologies
added 2022/09/13 12:0 a.m. · 1 view

PT-2022-24807 · Onedev · Onedev

Name of the Vulnerable Software and Affected Versions: Onedev versions prior to 7.3.0. Description: Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. During CI/CD builds, it is possible to save build artifacts for later retrieval. These artifact files are served by the...

CVSS 5.4 · AI score 5.7 · EPSS 0.00525
Exploits: 1 · References: 7

ATTACKERKB
added 2022/08/08 2:15 p.m. · 3 views

CVE-2022-2046

The Directorist WordPress plugin before 7.2.3 allows administrators to download other plugins from the same vendor directly to the site, but does not check the URL domain it gets the zip files from. This could allow administrators to run code on the server, which is a problem in multisite...

CVSS 4.9 · AI score 6 · EPSS 0.00292
Exploits: 2 · References: 3

Hacker One
added 2022/07/06 4:7 p.m. · 36 views

U.S. Dept Of Defense: SQL Injection at https://████████.asp (█████████) [selMajcom] [HtUS]

Summary: SQL injection (SQLi) is a vulnerability in which an application accepts input into an SQL statement and treats this input as part of the statement. Typically, SQLi allows a malicious attacker to view, modify or delete data that should not be able to be retrieved. An SQLi vulnerability was...

AI score 1.1
Exploits: 0

OSV
added 2021/08/11 9:15 p.m. · 0 views

CVE-2020-25560

In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients username: sapphire, password: ims and gain access to the portal. Once the access is available, the attacker can inject malicious OS commands on “ping”, “traceroute” and “snmp” functions and execute code on the server. W...

CVSS 9.8 · AI score 6 · EPSS 0.00874
Exploits: 1 · References: 2

Prion
added 2021/08/11 9:15 p.m. · 10 views

Hardcoded credentials

In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients username: sapphire, password: ims and gain access to the portal. Once the access is available, the attacker can inject malicious OS commands on “ping”, “traceroute” and “snmp” functions and execute code on the server...

CVSS 7.5 · AI score 9.6 · EPSS 0.00874
Exploits: 1 · References: 2 · Affected Software: 1

Microsoft CVE
added 2021/06/08 7:0 a.m. · 170 views

Microsoft SharePoint Server Remote Code Execution Vulnerability

...

CVSS 8.8 · AI score 7.2 · EPSS 0.06699
Exploits: 0

CNNVD
added 2021/03/11 12:0 a.m. · 1 view

Progress Software Telerik UI for ASP.NET AJAX Security Vulnerability

Progress Software Telerik UI for ASP.NET AJAX is an HTML editor from Progress Software. A security vulnerability exists in Progress Software Telerik UI for ASP.NET AJAX 2021.1.224, which can be exploited by an attacker to gain unauthorized access to the server and execute code...

CVSS 9.8 · AI score 8.3 · EPSS 0.01039
Exploits: 1 · References: 3

OSV
added 2020/12/02 1:15 a.m. · 1 view

CVE-2020-14260

HCL Domino is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of user input. A successful exploit could enable an attacker to crash Domino or execute attacker-controlled code on the server system...

CVSS 9.8 · AI score 7.4
Exploits: 0 · References: 1

CNVD
added 2020/12/02 12:0 a.m. · 1 view

HCL Notes Buffer Overflow Vulnerability

HCL Notes is an enterprise email client. A buffer overflow vulnerability exists in DXL in HCL Notes 9, 10, and 11. The vulnerability stems from improper validation of user input. An attacker could exploit the vulnerability to cause Notes to crash or execute attacker-controlled code on the server...

CVSS 7.2 · AI score 7.7 · EPSS 0.00051
Exploits: 0 · References: 1

OSV
added 2020/12/01 3:15 p.m. · 3 views

CVE-2020-7545

A CWE-284: Improper Access Control vulnerability exists in EcoStruxure™ and SmartStruxure™ Power Monitoring and SCADA Software (see security notification for version information) that could allow for arbitrary code execution on the server when an authorized user accesses an affected webpage...

CVSS 7.2 · AI score 7.5 · EPSS 0.00462
Exploits: 0 · References: 1

CNNVD
added 2020/12/01 12:0 a.m. · 2 views

HCL Notes Security Vulnerability

HCL Notes is an enterprise email client. A buffer overflow vulnerability exists in DXL in HCL Notes 9, 10, and 11. The vulnerability stems from improper validation of user input. An attacker could exploit the vulnerability to cause Notes to crash or execute attacker-controlled code on the server...

CVSS 7.2 · AI score 7 · EPSS 0.00051
Exploits: 0 · References: 3

OSV
added 2020/07/09 3:15 p.m. · 1 view

CVE-2020-13994

An issue was discovered in Mods for HESK 3.1.0 through 2019.1.0. A privileged user can achieve code execution on the server via a ticket because of improper access control of uploaded resources. This might be exploitable in conjunction with CVE-2020-13992 by an unauthenticated attacker...

CVSS 8.8 · AI score 7
Exploits: 0 · References: 1

VulnCheck KEV
added 2020/05/07 12:0 a.m. · 3 views

VulnCheck KEV: CVE-2019-18935

Progress Telerik UI for ASP.NET AJAX contains a deserialization of untrusted data vulnerability through RadAsyncUpload which leads to code execution on the server in the context of the w3wp.exe process...

CVSS 9.8 · AI score 7.4 · EPSS 0.93583
Exploits: 16 · References: 1

CNVD
added 2020/02/28 12:0 a.m. · 1 view

EyouCMS suffers from a file upload vulnerability (CNVD-2020-23805)

Hainan Zanzan Network Technology Co., Ltd. station-building system EyouCms is based on the TP5.0 framework for the core development of free + open source enterprise content management system, focusing on enterprise station-building user needs, to provide a large number of templates in various...

AI score 6.9
Exploits: 0

Snyk
added 2019/03/19 2:37 p.m. · 1 view

Arbitrary File Upload

Overview: pimcore/pimcore is a content & product management framework (CMS/PIM/E-Commerce). Affected versions of this package are vulnerable to Arbitrary File Upload. It is possible for a user to upload a .php file when creating a permission on the assets feature, resulting in arbitrary code...

CVSS 8.8 · AI score 7.7 · EPSS 0.00008
Exploits: 4 · References: 2

RedHat Linux
added 2018/10/11 9:34 p.m. · 1 view

spamassassin: Local user code injection in the meta rule syntax

A flaw was found in the way a local user on the SpamAssassin server could inject code in the meta rule syntax. This could cause arbitrary code execution on the server when these rules are being processed...

CVSS 7.8 · AI score 6.3 · EPSS 0.00252
Exploits: 0 · References: 5

CNVD
added 2018/08/10 12:0 a.m. · 1 view

EC-CUBE Payment Module and GMO-PG Payment Module Input Validation Vulnerability

LOCKON EC-CUBE is an open source e-commerce website building platform developed by LOCKON Japan. The platform supports product login, user evaluation, art layout, etc. EC-CUBE Payment Module and GMO-PG Payment Module are payment modules developed by Japan GMO Payment Gateway Company which are use...

CVSS 7.2 · AI score 7.4 · EPSS 0.00668
Exploits: 0 · References: 1

Japan Vulnerability Notes
added 2018/08/09 7:43 a.m. · 1 view

Multiple vulnerabilities in EC-CUBE Payment Module and GMO-PG Payment Module (PG Multi-Payment Service) for EC-CUBE

Overview: EC-CUBE Payment Module and GMO-PG Payment Module (PG Multi-Payment Service), which are additional modules for EC-CUBE, provided by GMO Payment Gateway, Inc. contain multiple vulnerabilities listed below. Cross-site scripting vulnerability in the management screen (CWE-79) - CVE-2018-0657 Inp...

CVSS 7.2 · AI score 6.7 · EPSS 0.00668
Exploits: 0 · References: 8