6 matches found
PT-2023-16885 · Cockpit Hq · Cockpit
Name of the Vulnerable Software and Affected Versions: cockpit-hq/cockpit versions prior to 2.4.1 Description: The issue concerns an unrestricted upload of files with dangerous types. There is no information provided about the estimated number of potentially affected devices worldwide or details...
FreeRDP 缓冲区错误漏洞
FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. A buffer error vulnerability exists in versions prior to FreeRDP 2.4.1, which stems from the program's inability to validate input data, and a malicious gateway could allow out-of-bounds writes to...
SOGo 数据伪造问题漏洞
SOGo is a very fast and scalable modern collaboration suite. It provides calendaring, address book management and a full-featured Webmail client, as well as resource sharing and permission handling. A security vulnerability exists in SOGo that stems from the fact that when the program's SAML is t...
PT-2020-6865 · Opentsdb · Opentsdb
Name of the Vulnerable Software and Affected Versions: OpenTSDB versions prior to 2.4.1 Description: A remote code execution issue occurs due to command injection in the yrange parameter. The yrange value is written to a gnuplot file in the /tmp directory, which is then executed via the...
Rukovoditel Project Management CRM Cross-Site Scripting Vulnerability
Rukovoditel Project Management CRM is a Web-based open source project management software. The software has project management , customer relationship management and other functions . A cross-site scripting vulnerability exists in Rukovoditel Project Management CRM versions prior to 2.4.1. The...
WonderCMS Arbitrary File Deletion Vulnerability
WonderCMS is an open source, fast, small and simple flat file cms. An arbitrary file deletion vulnerability exists in index.php in WonderCMS versions prior to 2.4.1. A remote attacker can exploit this vulnerability to delete arbitrary files via directory traversal...