15 matches found
CyreneAdmin 路径遍历漏洞
CyreneAdmin is a backend management system developed by CoCoTea’s individual developers. Versions of CyreneAdmin prior to 1.3.0 contained a path traversal vulnerability. This vulnerability stemmed from incorrect handling of the parameter “Avatar” in files/api/system/user/getAvatar, which could le...
CVE-2025-62047
Unrestricted Upload of File with Dangerous Type vulnerability in Case-Themes Case Addons case-addons.This issue affects Case Addons: from n/a through 1.3.0...
CVE-2025-50054
Buffer overflow in OpenVPN ovpn-dco-win version 1.3.0 and earlier and version 2.5.8 and earlier allows a local user process to send a too large control message buffer to the kernel driver resulting in a system crash...
libavif 输入验证错误漏洞
libavif is an Alliance for Open Media open source library for encoding and decoding .avif files. A security vulnerability exists in libavif versions prior to 1.3.0 that stems from the presence of an integer overflow...
WordPress Tevily theme < 1.3.0 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by justakazh Patchstack Alliance in WordPress Theme Tevily - Travel & Tour Booking WordPress Theme versions 1.3.0...
WordPress plugin Consulting Elementor Widgets Path Traversal Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...
Apache Answer 跨站脚本漏洞
Apache Answer is a community platform of the Apache USA Foundation. A cross-site scripting vulnerability exists in Apache Answer versions prior to 1.3.0 that stems from the presence of a cross-site scripting XSS vulnerability...
PT-2024-22176 · Unknown · Wp Sendfox
Name of the Vulnerable Software and Affected Versions: WP SendFox versions 1.3.0 and earlier Description: A Missing Authorization issue has been identified. This issue affects the functionality of the software, potentially allowing unauthorized access. Recommendations: For WP SendFox versions 1.3...
Atlassian Jira 跨站请求伪造漏洞
Atlassian Jira is a defect tracking management system from Atlassian Australia. The system is mainly used for tracking and managing all kinds of issues and defects in the workplace. Atlassian Jira icingaweb2-module-jira versions prior to 1.3.0 through 1.3.2 are vulnerable to a cross-site request...
CVE-2022-3685
A vulnerability exists in the SDM600 software. The software operates at a privilege level that is higher than the minimum level required. An attacker who successfully exploits this vulnerability can escalate privileges. This issue affects: All SDM600 versions prior to version 1.3.0. List of CPEs:...
Apache InLong 代码问题漏洞
Apache InLong is the U.S. Apache Apache Foundation's one-stop massive data integration framework. Provides automated, secure and reliable data transfer capabilities. A deserialization vulnerability exists in Apache InLong versions prior to 1.3.0, which arises from unsafe deserialization of...
PT-2022-13448 · Unknown · Orchardcore
Name of the Vulnerable Software and Affected Versions: orchardcore versions prior to 1.3.0 Description: The issue is related to improper authorization in the GitHub repository orchardcms/orchardcore. Recommendations: For versions prior to 1.3.0, update to version 1.3.0 or later to resolve the iss...
cfme: rubygem-rubyzip denial of service via crafted ZIP file
A vulnerability in Rubyzip, versions prior to 1.3.0, allows a crafted ZIP file to bypass application checks on ZIP entry sizes. This allows an attacker to spoof data regarding the uncompressed size of the ZIP file, causing a denial of service due to disk consumption. Availability of the system is...
CVE-2018-10946
An issue was discovered in versions earlier than 1.3.0-66872 for Polycom RealPresence Debut that allows attackers to arbitrarily read the admin user's password via the admin web UI...
Lenovo XClarity Administrator Information Disclosure Vulnerability
Lenovo XClarity Administrator LXCA is a centralized resource management solution from Lenovo, China. The solution supports simplified infrastructure management, faster server response, and improved performance of Lenovo server systems. A security vulnerability exists in LXCA versions prior to...