23 matches found
EUVD-2018-10823
Malware in sbrugna...
EUVD-2023-48368
Malicious code in bioql PyPI...
CVE-2023-44009
File Upload vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the Skin Management function...
CVE-2023-44011
An issue in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via a crafted script to the layout.master skin file at the Skin management component...
Ivanti Avalanche < 6.4.4 Multiple Vulnerabilities
The version of Ivanti Avalanche running on the remote host is prior to 6.4.4. It is, therefore, is affected by multiple vulnerabilities : - An off-by-one error in WLInfoRailService allows a remote unauthenticated attacker to crash the service. CVE-2024-36136 - Improper input validation in the...
CVE-2024-38652
Path traversal in the skin management component of Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to achieve denial of service via arbitrary file deletion...
CVE-2024-38652
Path traversal in the skin management component of Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to achieve denial of service via arbitrary file deletion...
CVE-2023-44011
An issue in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via a crafted script to the layout.master skin file at the Skin management component...
CVE-2023-44011
An issue in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via a crafted script to the layout.master skin file at the Skin management component...
CVE-2023-44009
File Upload vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the Skin Management function...
CVE-2023-44009
File Upload vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the Skin Management function...
Unrestricted file upload
File Upload vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the Skin Management function...
CVE-2023-44011
An issue in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via a crafted script to the layout.master skin file at the Skin management component...
mojoPortal Security Vulnerability
mojoPortal is the United States Joe Audette individual developer of a set of open source , object-oriented Web site architecture WSF and content management system CMS. The system offers event calendars, photo albums, file managers, and more. A security vulnerability exists in mojoPortal version...
PT-2023-29064 · Unknown · Mojoportal
Name of the Vulnerable Software and Affected Versions: mojoPortal version 2.7.0.0 Description: The issue allows a remote attacker to execute arbitrary code via the Skin Management function. This is a result of a File Upload vulnerability. Recommendations: For mojoPortal version 2.7.0.0, consider...
CVE-2023-44011
An issue in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via a crafted script to the layout.master skin file at the Skin management component...
PT-2023-29066 · Unknown · Mojoportal
Name of the Vulnerable Software and Affected Versions: mojoPortal version 2.7.0.0 Description: An issue in mojoPortal allows a remote attacker to execute arbitrary code via a crafted script to the layout.master skin file at the Skin management component. Recommendations: For mojoPortal version...
CVE-2023-44009
File Upload vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the Skin Management function...
CVE-2018-19110
The skin-management feature in tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/user/skin/list directly because controller\usercontroller.java maps a /skin/list request to the function skinList, and lacks an authorization chec...
Authorization
The skin-management feature in tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/user/skin/list directly because controller\usercontroller.java maps a /skin/list request to the function skinList, and lacks an authorization chec...