FOSSBilling 信息泄露漏洞

FOSSBilling is an open-source billing and customer management platform for hosting service providers and digital service providers. Versions of FOSSBilling prior to 0.8.0 contained a vulnerability related to information leakage. This vulnerability stemmed from a parameter leakage system version...

CVE-2021-43800 Asset directory traversal with some storage modules on Windows

Wiki.js is a wiki app built on Node.js. Prior to version 2.5.254, directory traversal outside of Wiki.js context is possible when a storage module with local asset cache fetching is enabled on a Windows host. A malicious user can potentially read any file on the file system by crafting a special...