OpenText Advanced Authentication 安全漏洞

OpenText Advanced Authentication is an advanced authentication framework from OpenText Canada. A security vulnerability exists in OpenText Advanced Authentication version 6.5.0 and earlier, which originates from a malicious browser plug-in that can record and replay the user authentication proces...

CVE-2025-47287 Tornado vulnerable to excessive logging caused by malformed multipart form data

Tornado is a Python web framework and asynchronous networking library. When Tornado's multipart/form-data parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume of logs,...

PrestaShop Security Breach

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution offers multiple payment methods, SMS alerts and product image zoom. A security vulnerability exists in PrestaShop Product Catalog CSV, Excel Import prior to version 6.5.0, which stems from a...

RakRak Document Plus vulnerable to path traversal

Overview RakRak Document Plus provided by Sumitomo Electric Information Systems Co., Ltd. contains a path traversal vulnerability CWE-22. Asato Masamu of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...