563 matches found
Astra Linux – Vulnerability in Firefox and Thunderbird
A phishing website could have re-used an about: dialog box to display phishing content with an incorrect origin in the address bar. This vulnerability affects Firefox 122 and Thunderbird 115.7...
CVE-2021-47964 Schlix CMS 2.2.6-6 Remote Code Execution via core.blockmanager
Schlix CMS 2.2.6-6 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary PHP code by uploading malicious extension packages through the block manager. Attackers can upload a crafted ZIP file containing PHP code in the packageinfo.inc file and...
EUVD-2021-34817
Schlix CMS 2.2.6-6 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary PHP code by uploading malicious extension packages through the block manager. Attackers can upload a crafted ZIP file containing PHP code in the packageinfo.inc file and...
PT-2026-41343
Schlix CMS 2.2.6-6 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary PHP code by uploading malicious extension packages through the block manager. Attackers can upload a crafted ZIP file containing PHP code in the packageinfo.inc file and...
CVE-2024-51092
LibreNMS before 24.10.0 allows a remote attacker to execute arbitrary code via OS command injection involving AboutController.php's index, SettingsController.php's update, and PollDevice.php's initRrdDirectory...
CVE-2024-51092
LibreNMS before 24.10.0 allows a remote attacker to execute arbitrary code via OS command injection involving AboutController.php's index, SettingsController.php's update, and PollDevice.php's initRrdDirectory...
CVE-2026-5161
Improper link resolution before file access 'link following' vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus About allows Symlink Attack. This issue affects Pardus About: before 1.2.2...
CVE-2026-5161
Improper link resolution before file access 'link following' vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus About allows Symlink Attack. This issue affects Pardus About: before 1.2.2...
CVE-2026-5161
Improper link resolution before file access 'link following' vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus About allows Symlink Attack. This issue affects Pardus About: before 1.2.2...
CVE-2026-5161 Improper Authentication in TUBITAK BILGEM's Pardus About
Improper link resolution before file access 'link following' vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus About allows Symlink Attack. This issue affects Pardus About: before 1.2.2...
EUVD-2026-26236
Improper link resolution before file access 'link following' vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus About allows Symlink Attack. This issue affects Pardus About: before v1.2.1...
CVE-2026-5161 Improper Authentication in TUBITAK BILGEM's Pardus About
Improper link resolution before file access 'link following' vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus About allows Symlink Attack. This issue affects Pardus About: before 1.2.2...
CVE-2026-5161
CVE-2026-5161 is an improper link resolution before file access vulnerability in Pardus About, enabling a Symlink Attack. Affected software: Pardus About prior to version 1.2.1. Root cause: improper link following allows unauthorized file access by traversing symlinks. Impact per CVSS metrics (AV...
TÜBİTAK BİLGEM Pardus About 后置链接漏洞
TÜBİTAK BİLGEM Pardus About is a component module of the Turkish company TÜBİTAK BİLGEM that provides functionality for displaying operating system information and system descriptions. Versions of TÜBİTAK BİLGEM Pardus About prior to 1.2.1 had a post-link vulnerability; this vulnerability stemmed...
PT-2026-35928
Improper link resolution before file access 'link following' vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus About allows Symlink Attack. This issue affects Pardus About: before v1.2.1...
CVE-2026-30082
Multiple stored cross-site scripting XSS vulnerabilities in the Edit feature of the Software Package List page of IngEstate Server v11.14.0 allow attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the About application, What's news, or Release note parameters...
EUVD-2026-17095
Multiple stored cross-site scripting XSS vulnerabilities in the Edit feature of the Software Package List page of IngEstate Server v11.14.0 allow attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the About application, What's news, or Release note parameters...
CVE-2026-30082
Multiple stored cross-site scripting XSS vulnerabilities in the Edit feature of the Software Package List page of IngEstate Server v11.14.0 allow attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the About application, What's news, or Release note parameters...
CVE-2026-30082
Multiple stored cross-site scripting XSS vulnerabilities in the Edit feature of the Software Package List page of IngEstate Server v11.14.0 allow attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the About application, What's news, or Release note parameters...
CVE-2026-30082
Multiple stored cross-site scripting XSS vulnerabilities in the Edit feature of the Software Package List page of IngEstate Server v11.14.0 allow attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the About application, What's news, or Release note parameters...