GHSA-33MP-8P67-XJ7C Froxlor has Admin-to-Root Privilege Escalation via Input Validation Bypass + OS Command Injection

Summary A typo in Froxlor's input validation code == instead of = completely disables email format checking for all settings fields declared as email type. This allows an authenticated admin to store arbitrary strings — including shell metacharacters — in the panel.adminmail setting. This value i...

Froxlor has Admin-to-Root Privilege Escalation via Input Validation Bypass + OS Command Injection

Summary A typo in Froxlor's input validation code == instead of = completely disables email format checking for all settings fields declared as email type. This allows an authenticated admin to store arbitrary strings — including shell metacharacters — in the panel.adminmail setting. This value i...

Acronis True Image 安全漏洞

Acronis True Image is a famous data backup and restore software from Acronis Singapore. The software can be used to create drive and disk images and can restore the image when a clean system is needed. Acronis True Image suffers from a security vulnerability that stems from insecure folder...