Termix 命令注入漏洞

Termix is a server management platform developed by Karmaa’s individual developers. Versions of Termix prior to 2.1.0 contained a command injection vulnerability. This vulnerability stemmed from the use of double-quoted strings in the extractArchive and compressFiles endpoints, which allowed for...

PT-2025-43440

Name of the Vulnerable Software and Affected Versions TESI Gandia Integra Total version 4.4.2236.1 Description An authenticated attacker can download a ZIP file containing files from the server, including those in parent directories. This is possible by exploiting the direstudio parameter in the...