EC-CUBE 安全漏洞

EC-CUBE is an open source e-commerce system from the Japanese company EC-CUBE. A security vulnerability exists in EC-CUBE that stems from the presence of an Accept External Untrusted Data and Trusted Data vulnerability, where an attacker who gains administrative privileges may be able to install...

IBM QRadar SIEM Information Disclosure Vulnerability (CNVD-2023-83656)

IBM QRadar SIEM is a solution from International Business Machines IBM that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user...

CVE-2022-41263

Due to a missing authentication check, SAP Business Objects Business Intelligence Platform Web Intelligence - versions 420, 430, allows an authenticated non-administrator attacker to modify the data source information for a document that is otherwise restricted. On successful exploitation, the...

Dell BIOS Information Disclosure Vulnerability

Dell BIOS is an embedded software on a small memory chip on the motherboard of a computer from Dell, U.S.A. An information disclosure vulnerability exists in Dell BIOS, which stems from insufficient protection of sensitive information by the application and could be exploited by a locally...

Pegasystem PEGA Platform Cross-Site Request Forgery Vulnerability

Pegasystem PEGA Platform is a suite of application development platforms from Pegasystem UK. The platform is used to develop applications such as BPM Business Process Management, Case Management, Real-Time Decision Making and CRM Customer Relationship Management.A cross-site request forgery...

WordPress plugin WordPress Security 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress WordPress Security plugin versions prior to 4.2.1 have a cross-site scripting vulnerability that...