WordPress plugin Post Cloner 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

XAgent 路径遍历漏洞

XAgent is an open source experimental Large Language Model LLM-driven autonomous agent from OpenBMB. A path traversal vulnerability exists in XAgent 1.0.0 and earlier versions, which stems from a path traversal in the file /conv/community...

IrisEVTXModule 安全漏洞

IrisEVTXModule is a DFIR-IRIS open source interface module for extracting Microsoft EVTX log files. A security vulnerability exists in IrisEVTXModule versions prior to 1.0.0, which stems from the presence of an arbitrary file write issue that could lead to remote code execution RCE...

CVE-2023-46943

An issue was discovered in NPM's package @evershop/evershop before version 1.0.0-rc.8. The HMAC secret used for generating tokens is hardcoded as "secret". A weak HMAC secret poses a risk because attackers can use the predictable secret to create valid JSON Web Tokens JWTs, allowing them access t...

EverShop Security Breach

EverShop is EverShop open source a NodeJS e-commerce platform. A security vulnerability exists in EverShop versions prior to v.1.0.0-rc.5. A remote attacker can exploit this vulnerability to obtain sensitive information from the admin panel via a specially crafted script...

Datadog API 安全漏洞

Github datadog-api-client-java is Github an open source application . Provides a JAVA API interface. Datadog API before version 1.0.0-beta.9 A security vulnerability exists in the Datadog API before version 1.0.0-beta.9, which stems from a local disclosure of sensitive information downloaded...