10 matches found
EUVD-2008-1862
Malware in sbrugna...
EUVD-2012-5399
Malware in sbrugna...
CVE-2025-32321
In isSafeIntent of AccountTypePreferenceLoader.java, there is a possible way to bypass an intent type check due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
OpenFGA Authorization Bypass
Overview OpenFGA v1.9.3 to v1.9.4 openfga-0.2.40 = Helm chart = openfga-0.2.41, v1.9.3 = docker = v.1.9.4 are vulnerable to improper policy enforcement when certain Check and ListObject calls are executed. Am I Affected? You are affected by this vulnerability if you are using OpenFGA v1.9.3 to...
Vulnerabilities fixed in Google Chrome
Vulnerabilities have been fixed in Google Chrome. The vulnerabilities potentially allow a malicious person to execute arbitrary code execute under the application's permissions and bypass a security measure to bypass. As usual, Google has made few substantive details made available about the...
in alanaktion/phproject
Description When the user clicks on the file, the application will checking Content-Type to decide whether to download or display the data directly. However, due to incorrect checking, a vulnerability exists leads to Stored XSS. I recommend that the force action relies on the file format instead ...
Minio MinIO 安全漏洞
Minio MinIO is an open source object storage server from the US-based MinIO Minio. The product supports building infrastructures for machine learning, analytics, and application data workloads. A security vulnerability exists in MinIO that allows MITM to modify the request body to skip this check...
Roxy Fileman 1.4.4 - Arbitrary File Upload
Exploit for php platform in category web applications Exploit Title: Roxy Fileman = 1.4.4 Forbidden File Upload Vulnerability Google Dork: intitle:"Roxy file manager" Date: 15-06-2016 Exploit Author: Tyrell Sassen Vendor Homepage: http://www.roxyfileman.com/ Software Link:...
Roxy Fileman 1.4.4 - Arbitrary File Upload
Roxy Fileman 1.4.4 - Arbitrary File Upload Exploit Title: Roxy Fileman = 1.4.4 Forbidden File Upload Vulnerability Google Dork: intitle:"Roxy file manager" Date: 15-06-2016 Exploit Author: Tyrell Sassen Vendor Homepage: http://www.roxyfileman.com/ Software Link:...
Remote file inclusion
ExBB Italia 0.22 and earlier only checks GET requests that use the QUERYSTRING for certain path manipulations, which allows remote attackers to bypass this check via 1 POST or 2 COOKIE variables, a different vector than CVE-2006-4488. NOTE: this can be leveraged to conduct PHP remote file inclusi...