Froxlor 安全漏洞

Froxlor is a set of lightweight server management software developed by the Froxlor team. Versions of Froxlor prior to 2.3.6 contained security vulnerabilities. These vulnerabilities stemmed from incorrect array indexing used in the domain ownership verification process within EmailSender::add. A...

Beego 跨站脚本漏洞

Beego is an open source web framework based on the Go language from Beego Open Source. A cross-site scripting vulnerability exists in Beego versions prior to 2.3.6, which stems from a cross-site scripting attack in the RenderForm function that could lead to session hijacking, credential theft, or...

PT-2024-14858 · WordPress · Eazydocs

Name of the Vulnerable Software and Affected Versions: EazyDocs WordPress plugin versions prior to 2.3.6 Description: The issue allows unauthenticated users to delete arbitrary posts, as well as add and delete documents/sections, due to the lack of authorization and CSRF checks when handling...

FreeType invalid free() flaw

FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via an invalid "number of axes" field in a Printer Font Binary PFB file, which triggers a free of arbitrary memory locations, leading to memory corruption...