Ruoyi 代码问题漏洞

RuoYi is a backend management system by the individual developer of RuoYi in China. A security vulnerability exists in versions of Ruoyi prior to 4.6.1, which stems from incorrect deserialization of its Shiro framework allowing an attacker to run arbitrary code via weak passwords...

Cisco IoT Field Network Director File Overwrite Vulnerability

Cisco IoT Field Network Director FND is a network management system for large-scale FAN deployments. A file overwrite vulnerability exists in Cisco IoT Field Network Director versions prior to 4.6.1. The vulnerability stems from inadequate file system protection. An attacker can exploit the...

CVE-2016-7168

Cross-site scripting XSS vulnerability in the mediahandleupload function in wp-admin/includes/media.php in WordPress before 4.6.1 might allow remote attackers to inject arbitrary web script or HTML by tricking an administrator into uploading an image file that has a crafted filename...

CVE-2016-7169

Directory traversal vulnerability in the FileUploadUpgrader class in wp-admin/includes/class-file-upload-upgrader.php in the upgrade package uploader in WordPress before 4.6.1 allows remote authenticated users to access arbitrary files via a crafted urlholder parameter...