5 matches found
PT-2026-28649
Name of the Vulnerable Software and Affected Versions: plank/laravel-mediable versions through 6.4.0 Description: The software is susceptible to arbitrary file upload when it accepts or prefers a client-supplied MIME type during file upload handling. An attacker can submit a file containing...
IBM Sterling Control Center Security Vulnerability
IBM Sterling Control Center is a centralized monitoring and management system from International Business Machines (IBM). A security vulnerability exists in IBM Sterling Control Center versions 6.2.1, 6.3.1, and 6.4.0 that originates from a web page that can be stored...
PT-2024-32542 · Elementor · Elementsready Addons For Elementor
Name of the Vulnerable Software and Affected Versions: ElementsReady Addons for Elementor versions n/a through 6.4.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows for Stored XSS attacks...
PT-2024-13741 · Unknown · Yetiforcecrm
Name of the Vulnerable Software and Affected Versions: YetiForceCRM versions 6.4.0 and before Description: A Directory Traversal issue allows a remote authenticated attacker to obtain sensitive information via the license parameter in the LibraryLicense.php component. Recommendations: For version...
Fortinet FortiWeb Resource Management Error Vulnerability
Fortinet FortiWeb is a web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks, secures web applications and protects sensitive database content. A security vulnerability exists in versions...