Lucene search
K

4 matches found

Positive Technologies
Positive Technologies
added 2025/08/15 12:0 a.m.4 views

PT-2025-33508

Name of the Vulnerable Software and Affected Versions: go-getter versions prior to 1.7.9 Description: The go-getter library subdirectory download feature is susceptible to symlink attacks, potentially allowing unauthorized read access beyond the intended directory boundaries. Recommendations:...

7.5CVSS5.4AI score0.00507EPSS
Exploits0References24
CNNVD
CNNVD
added 2025/08/15 12:0 a.m.5 views

HashiCorp go-getter 安全漏洞

HashiCorp go-getter is a library for Go golang from HashiCorp, Inc. for downloading files or directories from various sources using URLs as the primary form of input. A security vulnerability exists in HashiCorp go-getter versions prior to 1.7.9, which stems from a symbolic link attack and could...

7.5CVSS6.5AI score0.00507EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/11/08 12:0 a.m.6 views

WordPress 插件跨站请求伪造漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress Plugin is an open source application plugin for WordPress. A cross-site request forgery vulnerability...

6.5CVSS6.3AI score0.00531EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2021/11/08 12:0 a.m.9 views

PT-2021-16264

Name of the Vulnerable Software and Affected Versions: The Redirect 404 Error Page to Homepage or Custom Page with Logs WordPress plugin versions prior to 1.7.9 Description: The issue concerns a lack of CSRF check when deleting logs, which could allow an attacker to make a logged-in admin delete...

6.5CVSS6.6AI score0.00531EPSS
Exploits2References4
Rows per page
Query Builder