75 matches found
Thinkphp has a code logic error
ThinkPHP 5.1.41 and 5.0.24 have a code logic error which causes file upload getshell...
CVE-2022-44289
ThinkPHP 5.1.41 and 5.0.24 have a code logic error which causes file upload getshell...
PT-2022-27168 · Thinkphp · Thinkphp
Name of the Vulnerable Software and Affected Versions: Thinkphp versions 5.0.24 through 5.1.41 Description: The issue is caused by a code logic error that allows a file upload to result in shell access. This allows an attacker to potentially execute arbitrary code on the server. Recommendations: For...
CVE-2022-44289
ThinkPHP 5.0.24–5.1.41 contains a code-logic error in the file-upload path that can allow an attacker to obtain shell access (remote code execution) on affected servers. Exploitation details are not provided in the CVE, but multiple sources concur on the vulnerability scope and impact. A fix exis...
PT-2024-4357
Name of the Vulnerable Software and Affected Versions: PHP versions 8.1. through 8.1.28, PHP versions 8.2. through 8.2.19, PHP versions 8.3. through 8.3.7 Description: A code logic error in PHP's filtering functions, such as filter_var, when validating URLs with FILTER_VALIDATE_URL, can result in...
CVE-2022-20420
In getBackgroundRestrictionExemptionReason of AppRestrictionController.java, there is a possible way to bypass device policy restrictions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not need...
ASB-A-219546241
In onDefaultNetworkChanged of Vpn.java, there is a possible way to disable VPN due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
ASB-A-205996517
In mPreference of DefaultUsbConfigurationPreferenceController.java, there is a possible way to enable file transfer mode due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitati...
Google Android Permissions, Privileges, and Access Control Vulnerability
Google Android is a Linux-based open source operating system from Google, Inc. An elevation-of-privilege vulnerability exists in Google Android, which originates in several functions in LauncherApps.java and could result in an elevation-of-privilege situation due to a logic error in the code. An...
Google Android Elevation of Privilege Vulnerability (CNVD-2022-22949)
Google Android is a Linux-based open source operating system from Google, Inc. An elevation-of-privilege vulnerability exists in Google Android due to a code logic error in kbase_jd_user_buf_pin_pages in mali_kbase_mem.c. An attacker could exploit this vulnerability to elevate local privileges...
CVE-2021-39684
In target_init of gs101/abl/target/slider/target.c, there is a possible allocation of RWX memory due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...
IBM Cloud Pak for Security Information Disclosure Vulnerability (CNVD-2021-36325)
IBM Cloud Pak for Security is an application from IBM America, Inc. It is an open security platform that connects to your existing data sources to generate deeper insights and enables you to take automated action faster. An information disclosure vulnerability exists in IBM Cloud Pak for Security...
Google Android elevation of privilege vulnerability (CNVD-2021-24924)
Google Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA. Google Android suffers from an elevation of privilege vulnerability. The vulnerability stems from a code logic error in CrossProfileAppsServiceImpl.java, which results in the application's...