246 matches found
PHP7CMS suffers from information leakage vulnerability
PHP7 content management system referred to as PHP7CMS by Chunjie studio using PHP7 technology newly developed content management program. There is an information leakage vulnerability in PHP7CMS. The vulnerability is due to the program installation will write the database information into the cac...
Code Execution Vulnerability in PHPMyWind v5.4
PHPMyWind is a PHP MySQL-based development , W3C-compliant building engine . A code execution vulnerability exists in PHPMyWind v5.4. PHPMyWind can be exploited to execute arbitrary code when implementing the generation of cache configuration files...
$_SERVER[SCRIPT_NAME]variable to the value of the injected malicious code-vulnerability warning-the black bar safety net
$SERVER'SCRIPTNAME'variable in the route pass the parameters, can be introduced into the malicious code, which leads toxssas well as malicious code injection. PS: this article is only for technical discussion and sharing, it is forbidden for any illegal purposes. $SERVER'SCRIPTNAME'variables are...
Code Execution Vulnerability in Cicada Knowledge Enterprise Portal System
Cicada Knowledge Enterprise Portal System is a web content management system. A code execution vulnerability exists in the Cicada Knowledge Enterprise Portal System. The vulnerability is due to improper handling of writing to a cache file. An attacker can construct a malicious request to write...
Code execution vulnerability in DedeCMS backend cache files
Weaving dream content management system DedeCms is a PHP open source website management system. A code execution vulnerability exists in the DedeCMS backend cache file. The vulnerability is due to the system mishandling of input information , allowing an attacker to exploit the vulnerability...
Design/Logic Flaw
Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to a login command which allowed impersonating any Jenkins user. The login command available in the remoting-based CLI stored the encrypted user name of the successfully authenticated user in a cache file used to...
Low: nginx
Issue Overview: A flaw within the processing of ranged HTTP requests has been discovered in the range filter module of nginx. A remote attacker could possibly exploit this flaw to disclose parts of the cache file header, or, if used in combination with third party modules, disclose potentially...
Null pointer dereference
In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in the ReadCUTImage function in coders/cut.c that could allow an attacker to cause a Denial of Service in the QueueAuthenticPixelCacheNexus function within the MagickCore/cache.c file by submitting a malformed image file...
Low: Red Hat Security Advisory: rh-nginx110-nginx security update
An update for rh-nginx110-nginx is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
CVE-2017-7529
A flaw within the processing of ranged HTTP requests has been discovered in the range filter module of nginx. A remote attacker could possibly exploit this flaw to disclose parts of the cache file header, or, if used in combination with third party modules, disclose potentially sensitive memory b...
RuboCop Arbitrary Cache File Modification Vulnerability
RuboCop is a Ruby static code analyzer . With the ability to find and resolve code errors. A security vulnerability exists in RuboCop 0.48.1 and earlier versions. A local attacker can exploit the vulnerability to tamper with other users' cached files...
Phpcms V9. 6. 0 any file write getshell vulnerability analysis-vulnerability warning-the black bar safety net
1 Introduction: It is said to be one in the underground has been around for half a 0day, which has recently been broke to, in the membership registration page, that this vulnerability without the need to login you can use, or more powerful. 2 vulnerability analysis: Follow up on the registration...
PYSEC-2017-32
The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows local users to obtain sensitive information by reading the file...
fontconfig security update
CentOS Errata and Security Advisory CESA-2016:2601 An update for fontconfig is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...
Moderate: Red Hat Security Advisory: fontconfig security and bug fix update
An update for fontconfig is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Finecms 2.0.1 background GETSHELL 0DAY-vulnerability warning-the black bar safety net
FineCMS have a cache function, and when the Wordpress like, there is a cache function and cache file name is not random and the suffix is php, it leads to a can use background cache function getshell it. Below is the Payload PHP | 1 2 3 4 5 6 7 8 9 1 0 1 1 1 2 1 3 1 4 1 5 1 6 1 7 1 8 | POST /inde...
UBUNTU-CVE-2016-7513
Off-by-one error in magick/cache.c in ImageMagick allows remote attackers to cause a denial of service segmentation fault via unspecified vectors...
PT-2016-7355 · Imagemagick +2 · Imagemagick +2
Name of the Vulnerable Software and Affected Versions: ImageMagick affected versions not specified Description: The issue is related to an off-by-one error in the magick/cache.c file of ImageMagick, which allows remote attackers to cause a denial of service, resulting in a segmentation fault. The...
FreeBSD : fontconfig -- insufficiently cache file validation (44989c29-67d1-11e6-8b1d-c86000169601)
Debian security team reports : Tobias Stoeckmann discovered that cache files are insufficiently validated in fontconfig, a generic font configuration library. An attacker can trigger arbitrary free calls, which in turn allows double free attacks and therefore arbitrary code execution. In...
DEBIAN-CVE-2016-5384
fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file...