6 matches found
QNAP Systems Qfiling Path Traversal Vulnerability
QNAP Systems Qfiling is an automated archiving and file organizing tool from QNAP Systems Taiwan, China. A path traversal vulnerability exists in QNAP Systems Qfiling versions prior to 3.13.1, which could result in reading unexpected files or system data...
CVE-2023-53907
Bludit versions before 3.13.1 contain an authenticated file download vulnerability in the Backup Plugin that allows logged-in users to access arbitrary files. Attackers can exploit the plugin's download functionality by manipulating file path parameters to read sensitive system files through...
Snowflake Connector for Python SQL Injection Vulnerability
Snowflake Connector for Python is an open source interface from Snowflake Computing. It is used to develop Python applications that can connect to Snowflake and perform all standard operations. A SQL injection vulnerability exists in Snowflake Connector for Python versions prior to 3.13.1, which...
PT-2024-37255 · WordPress · Givewp
Name of the Vulnerable Software and Affected Versions: GiveWP – Donation Plugin and Fundraising Platform versions prior to 3.13.1 Description: The issue allows unauthorized modification of data due to a missing capability check on the handle request function. This makes it possible for...
PT-2023-20328 · Gradio · Gradio
Name of the Vulnerable Software and Affected Versions: Gradio versions prior to 3.13.1 Description: Gradio is an open-source Python library to build machine learning and data science demos and web applications. When using Gradio's share links by setting share=True, a private SSH key is sent to an...
Gradio Trust Management Issue Vulnerability
Gradio is an open source Python library for demonstrating machine learning models through a friendly web interface. A security vulnerability exists in Gradio versions prior to 3.13.1, which stems from the use of hard-coded credentials that contain...