ownCloud: Remote Code Execution through "Files_antivirus" plugin

Hi, I would like to report a Remote Code Execution in OwnCloud. The flaw is exploitable as an authenticated user and level of privileges required is "Administrator". Vulnerable component is the plugin "filesantivirus", freely downloadable via the market and available in owncloud github repository...

MantisBT Cross-Site Scripting Vulnerability (CNVD-2017-04630)

MantisBT is an open-source issue management system developed in PHP and commonly used for internal collaboration within corporate teams. A cross-site scripting vulnerability exists in the admconfigreport.php page in MantisBT 1.2.16 and later versions, which can be exploited to inject arbitrary We...

MantisBT 'adm_config_report.php' cross-site scripting vulnerability (CNVD-2015-01092)

MantisBT is a popular web-based bug tracking system written in PHP. A cross-site scripting vulnerability exists in MantisBT 'admconfigreport.php' due to the program failing to adequately filter user-supplied input. An attacker could exploit this vulnerability to execute arbitrary script code or...