Mattermost Denial of Service Vulnerability (CNVD-2025-12774)

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a denial-of-service vulnerability that stems from a failure to time and size limit CA path files in the ElasticSearch configuration, which can be exploited by an attacker to add...

LokiCMS <= 0.3.4 (index.php page) Arbitrary Check File Exploit

官网链接: http://www.lokicms.com/ 影响版本：= 0.3.4 概述： LokiCMS 0.3.4及之前版本中的index.php存在目录遍历漏洞。当magicquotesgpc被中止时，远程攻击者可以借助页参数中的".."，来检查任意文件是否存在。 漏洞页面： vuln file: index.php 漏洞代码： if isset $GET && isset $GET'page' $pagename = stripslashes trim $GET'page' ; // load the page if $pagename == '' $name =...