5 matches found
needrestart 权限许可和访问控制问题漏洞
needrestart is a tool by liske personal developer for checking which daemons need to be restarted after an upgrade. A security vulnerability exists in versions prior to needrestart 3.8, which stems from a vulnerability that allows a local attacker to execute arbitrary code as root by winning a ra...
PT-2024-14143 · WordPress · Wp-Buy Login As User/Customer
Name of the Vulnerable Software and Affected Versions: wp-buy Login as User or Customer User Switching versions n/a through 3.8 Description: The issue is related to an Improper Authentication vulnerability that allows Privilege Escalation. This vulnerability can be exploited to escalate privilege...
dpaste Cross-Site Scripting Vulnerability
dpaste is a Pastebin application written using the Django framework. A cross-site scripting vulnerability exists in versions prior to dpaste v3.8, which stems from the presence of a Reflective Cross-Site Scripting XSS vulnerability that can be exploited by an attacker to execute arbitrary...
WordPress plugin Amministrazione Aperta 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A file inclusion...
Barco Transform NDN-210 Command Injection Vulnerability
The Barco Transform NDN-210 is a PC-based network graphics processor from Barco in the Netherlands. The device displays encoded streams from Gbit Ethernet/IP networks and supports formats such as H-264, MPEG-4, MPEG-2, MJPEG, V2D and ProServer. A security vulnerability exists in Barco TransForm N...