8 matches found
CVE-2025-11010
A vulnerability has been found in vstakhov libucl up to 0.9.2. Affected by this vulnerability is the function ucl_include_common of the file /src/ucl_util.c. Such manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the...
CVE-2022-49944
In the Linux kernel, the following vulnerability has been resolved: Revert "usb: typec: ucsi: add a common function ucsi_unregister_connectors" The recent commit 87d0e2f41b8c "usb: typec: ucsi: add a common function ucsi_unregister_connectors" introduced a regression that caused NULL dereference at...
PT-2022-12531 · Binaryen +1
Name of the Vulnerable Software and Affected Versions: Binaryen version 103 Description: A Stack Overflow issue exists via the printf common function. This allows for a potential overflow, which could be exploited. Recommendations: For Binaryen version 103, consider disabling the printf common...
Wuzhi WUZHI CMS Security Vulnerability
Wuzhi WUZHI CMS is an open source content management system (CMS) based on PHP and MySQL by Wuzhi. A security vulnerability exists in WUZHI CMS under 4.1.0, which stems from a blacklist bypass issue in common.func.php and can lead to remote code execution when uploaded...
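Mao10cms Latest Version: Two Front-End Injections, Bundled
Brief description: Two front-end injections in the latest version of Mao10cms, bundled together; arbitrary data can be extracted. Details: Mao10cms has a sizable user base, and V3.5.2 was updated on 2015-06-25, so let's study it today. There are two injection points, located in the mctitle method at application/common/common/function.php/mctitle and in application/common/common/function.php/mcseo. Both injections arise because id is not filtered, and both injection points can be used directly from the front end to extract data. Here application/common/common/function.php/mctitle is used as the example...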
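YXcms 1.2.0 Stored XSS (Live-Site Demo + Source Code Analysis)
Brief description: Stored XSS in the latest YXcms version, 1.2.0 (live-site demo). See the details for the source code analysis; demos of the various sites caught in the crossfire are in the proof of vulnerability. Details: An aside: I am posting this vulnerability because 1. this CMS's filtering is fairly strong, unlike some earlier CMSes that had no filtering whatsoever and were not worth the challenge at all; 2. stored XSS is one of the more harmful cross-site vulnerabilities, I had never found a chance to play with cross-site scripting before, and if I still did not post a cross-site vulnerability people might think I cannot find XSS bugs. Looking at the code: /protected/apps/default/controller/extendController.php line:40 sessionstarts; // where the form is received...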
Magic Photo Storage Website _config[site_path] File Include Vuln
No description provided by source. magic photo storage website -- Remote File Inclusion Vendor : http://www.scriptaty.net/magic-photo-storage-website.html Demo Site : http://www.turnkeydemos.info/demo/picstorage/ Found By : k1tk4t - k1tk4t4tnewhack.org Location : Indonesia -- newhackdotorg...
Magic Photo Storage Website _config[site_path] File Include Vuln
Exploit for unknown platform in category web applications. Magic Photo Storage Website _config[site_path] File Include Vuln. magic photo storage website -- Remote File...