2 matches found
PT-2026-49260
Name of the Vulnerable Software and Affected Versions Mastodon versions prior to 4.6.0 Description A missing condition in the verification process for remote accounts consenting to be featured in a remote Collection allows attackers to bypass checks and fake consent. An attacker can forge the...
b2evolution SQL注入漏洞
b2evolution is a community content management system based on PHP and MySQL. A command injection vulnerability exists in b2evolution v7.2.2-stable, which can be exploited by a remote attacker to obtain sensitive database information by injecting SQL commands into the "cf name" parameter when...