4 matches found
CVE-2021-32074
HashiCorp vault-action aka Vault GitHub Action before 2.2.0 allows attackers to obtain sensitive information from log files because a multi-line secret was not correctly registered with GitHub Actions for log masking...
projectSend r1605 - CSV injection Vulnerability
Exploit Title: projectSend r1605 - CSV injection Version: r1605 Bugs: CSV Injection Technology: PHP Vendor URL: https://www.projectsend.org/ Software Link: https://www.projectsend.org/ Author: Mirabbas Ağalarov Tested on: Windows 2. Technical Details & POC ========================================...
Remote code execution
Dolphinphp v1.5.0 contains a remote code execution vulnerability in /application/common.phpactionlog...
anwsion注入很普通in注入
简要描述: anwsion注入很普通in注入 详细说明: system/class/clsactionlogclassinc.php 472代码; public static function getactionsdistintbywhere 类 $sql = "SELECT MAXhistoryid historyid FROM " . gettable'useractionhistory' . " WHERE " . $where . " GROUP BY associateid, associatetype ORDER BY historyid DESC";...