7 matches found
CVE-2024-7631 Openshift-console: openshift console: path traversal
A flaw was found in the OpenShift Console, an endpoint for plugins to serve resources in multiple languages: /locales/resources.json. This endpoint's lng and ns parameters are used to construct a filepath in pkg/plugins/handlers unsafely.goL112 Because of this unsafe filepath construction, an...
Dover Fueling Solutions MAGLINK LX Console Path Traversal Vulnerability
The Dover Fueling Solutions MAGLINK LX Console is Dover Fueling Solutions' integrated console for fuel stations and oil distribution. This console is designed to help manage various operations at fuel stations, including refueling, payment, data monitoring, and oil management. A path traversal...
PT-2023-16423 · Dst-Admin · Dst-Admin
Name of the Vulnerable Software and Affected Versions: dst-admin version 1.5.0 Description: A critical vulnerability was found in dst-admin, affecting an unknown functionality of the file /home/cavesConsole. The manipulation of the command argument leads to command injection. The attack can be...
Fortinet FortiClient FortiTray Code Issue Vulnerability
Fortinet FortiClient is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. A code issue vulnerability exists in Fortinet FortiClien...
baigo CMS Cross-Site Scripting Vulnerability
baigo CMS is a PHP-based open source web content management system. A cross-site scripting vulnerability exists in baigo CMS 2.1.1. A remote attacker can use this vulnerability to inject arbitrary Web script or HTML via the optbaseBGSITENAME parameter of the bgconsole/index.php?m=opt&c=request UR...
JTBC(PHP) File Upload Vulnerability
JTBC PHP is a PHP-based open source content management system CMS. A file upload vulnerability exists in JTBCPHP version 3.0.1.8, which can be exploited to upload arbitrary files with the help of console//console/file/manage.php?type=list URI...
Kaltura server cross-site scripting vulnerability (CNVD-2017-02387)
Kaltura is an open source online video platform. kaltura server is one of the servers. A cross-site scripting vulnerability exists in Kaltura server Lynx-12.11.0 and earlier versions, which stems from the program failing to adequately filter user submissions to the...