6 matches found
PT-2026-21193
Name of the Vulnerable Software and Affected Versions Smanga version 3.2.7 Description An authentication bypass exists in Smanga version 3.2.7. An unauthenticated attacker can reset the password of any user, including the administrator, and fully compromise the account. This is achieved by...
CVE-2025-70833
An Authentication Bypass vulnerability in Smanga 3.2.7 allows an unauthenticated attacker to reset the password of any user including the administrator and fully takeover the account by manipulating POST parameters. The issue stems from insecure permission validation in check-power.php...
CVE-2024-34193
smanga 3.2.7 does not filter the file parameter at the PHP/get file flow.php interface, resulting in a path traversal vulnerability that can cause arbitrary file reading...
EUVD-2024-34675
Malicious code in bioql PyPI...
CVE-2024-34193
smanga 3.2.7 does not filter the file parameter at the PHP/get file flow.php interface, resulting in a path traversal vulnerability that can cause arbitrary file reading...
CVE-2024-34193
The connected PT-2024-25731 entry provides concrete technical details for CVE-2024-34193: in Smanga version 3.2.7, the file parameter at the PHP/get file flow.php interface is not properly filtered, enabling a path traversal vulnerability that can lead to arbitrary file reads. There is no publish...