CVE-2024-10999

A vulnerability classified as problematic has been found in CodeAstro Real Estate Management System 1.0. Affected is an unknown function of the file /aboutadd.php of the component About Us Page. The manipulation of the argument aimage leads to unrestricted upload. It is possible to launch the...

CVE-2024-11000

A vulnerability classified as problematic was found in CodeAstro Real Estate Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /aboutedit.php of the component About Us Page. The manipulation of the argument aimage leads to unrestricted upload. The attac...

CVE-2024-10999

A vulnerability classified as problematic has been found in CodeAstro Real Estate Management System 1.0. Affected is an unknown function of the file /aboutadd.php of the component About Us Page. The manipulation of the argument aimage leads to unrestricted upload. It is possible to launch the...

CodeAstro Real Estate Management System 代码问题漏洞

CodeAstro Real Estate Management System is a real estate management system from CodeAstro. A code issue vulnerability exists in CodeAstro Real Estate Management System version 1.0, which stems from the parameter aimage in the file /aboutadd.php that can lead to unrestricted uploads...

CodeAstro Real Estate Management System 代码问题漏洞

CodeAstro Real Estate Management System is a real estate management system from CodeAstro. A code issue vulnerability exists in CodeAstro Real Estate Management System version 1.0, which stems from the parameter aimage in the file /aboutedit.php that can lead to unrestricted uploads...

Format string

Multiple format string vulnerabilities in AFFLIB 2.2.6 allow remote attackers to execute arbitrary code via certain command line parameters, which are used in 1 warn and 2 err calls, possibly involving a lib/s3.cpp, b tools/afconvert.cpp, c tools/afcopy.cpp, d tools/afinfo.cpp, e aimage/imager.cp...

Format string

Multiple format string vulnerabilities in AFFLIB before 2.2.6 allow remote attackers to execute arbitrary code via certain command line parameters, which are used in 1 warn and 2 err calls in a lib/s3.cpp, b tools/afconvert.cpp, c tools/afcopy.cpp, d tools/afinfo.cpp, e aimage/aimage.cpp, f...

CVE-2007-2053

Multiple stack-based buffer overflows in AFFLIB before 2.2.6 allow remote attackers to cause a denial of service crash or possibly execute arbitrary code via 1 a long LastModified value in an S3 XML response in lib/s3.cpp; 2 a long a path or b bucket in an S3 URL in lib/vnodes3.cpp; or 3 a long c...

AFFLIB多个格式串处理漏洞

AFFLIB是用于操作高级取证格式（AFF）文件的开源函数库。 AFFLIB的一些命令行工具实现上存在格式串处理漏洞，本地攻击者可能利用此漏洞提升自己的权限。 这些工具以格式串参数向warn和err调用传输一些命令行参数。如果攻击者能够影响这些命令行参数的话，就可能导致执行任意指令。 s3格式串注入 文件：lib/s3.cpp 行数：207 err调用中的一个命令行参数用作了格式串，如果攻击者能够影响名称的话就可以导致格式串注入漏洞。192-207行说明了这个问题： void s3cpconst char fname,string key struct s3headers meta2 =...