7 matches found
Vulnerability in the iblock module of the 1C-Bitrix: Website management content management system that allows attackers to execute arbitrary code
A vulnerability in the iblock module of the 1C-Bitrix: Website management content management system (CMS) is related to incorrect code generation. Exploiting this vulnerability allows a malicious actor to inject arbitrary code into any PHP script executed during the creation of new information...
DEBIAN-CVE-2024-42295
In the Linux kernel, the following vulnerability has been resolved: nilfs2: handle inconsistent state in nilfs_btnode_create_block. Syzbot reported that a buffer state inconsistency was detected in nilfs_btnode_create_block, triggering a kernel bug. It is not appropriate to treat this inconsistency as a...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a state inconsistency in the nilfs_btnode_create_block function of nilfs2...
DRUPAL-CONTRIB-2023-017
The Consent Popup provides a configurable popup that requires acceptance of a question before the visitor can continue, typically used for age consent. The module doesn't sufficiently sanitize the text on the block, leading to a cross-site scripting (XSS) vulnerability. This vulnerability is...
CVE-2017-6068
Subrion CMS 4.0.5 has CSRF in admin/blocks/add/. The attacker can create any block, and can optionally insert XSS via the content parameter...
Cross-site request forgery (CSRF)
Multiple cross-site request forgery (CSRF) vulnerabilities in Pulse CMS Basic 1.2.2 and 1.2.3, and possibly Pulse Pro before 1.3.2, allow remote attackers to hijack the authentication of users for requests that (1) upload image files, (2) delete image files, or (3) create blocks...
CVE-2010-0992
Pulse CMS CSRF vulnerabilities (CVE-2010-0992) affect Pulse CMS Basic 1.2.2/1.2.3 and possibly Pulse Pro