Panabit PAP-XM320 路径遍历漏洞

Panabit PAP-XM320 is an enterprise-level network traffic management and bandwidth control gateway device developed by Panabit Corporation. Versions of Panabit PAP-XM320 prior to v7.7 contain a path traversal vulnerability. This vulnerability stems from the use of a file system existence check bas...

DRUPAL-CONTRIB-2024-044

This module enables users to remain logged in separately from session timeouts. The module doesn't sufficiently check a user's disabled status when validating cookies. This vulnerability is mitigated by the fact that an attacker must have an unexpired cookie from a previous successful login...

SUSE CVE-2023-45660

Nextcloud mail is an email app for the Nextcloud home server platform. In affected versions a missing check of origin, target and cookies allows for an attacker to abuse the proxy endpoint to denial of service a third server. It is recommended that the Nextcloud Mail is upgraded to 2.2.8 or 3.3.0...

Nextcloud Code Issues Vulnerabilities

Nextcloud is an open source, self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A code issue vulnerability exists in Nextcloud mail, which stems from a lack of checking of the source, target, and cookie...

ZYXEL P-660HN-T1H_IPv6 Remote Configuration Editor/Web Server Denial of Service Vulnerability

ZYXEL P-660HN-T1HIPv6 is a wireless router device. A denial of service vulnerability exists in ZYXEL P-660HN-T1HIPv6. Since ZYXEL Embedded fails to properly check cookies and credentials in the POST method, an attacker can change the settings and methods after viewing the page; launching a denial...