Dolibarr 安全漏洞

Dolibarr is an open-source application developed by Dolibarr developers. It helps manage activities within user organizations. Dolibarr versions 22.0.4 and earlier contained security vulnerabilities. These vulnerabilities stemmed from a local file inclusion vulnerability in the core AJAX...

📄 lollms-webui Server-Side Request Forgery

A critical server-side request forgery vulnerability has been identified in lollms-webui, the web interface for Lord of Large Language and Multi modal Systems. The @router.post"/api/proxy" endpoint allows unauthenticated attackers to force the server into making arbitrary GET requests. This can b...

Remote Code Execution (RCE)

github.com/1panel-dev/1panel is vulnerable to Remote Code Execution RCE. The vulnerability is due to incomplete certificate verification during HTTPS communication between the Core and Agent endpoints, which allows an attacker to gain unauthorized access and execute commands with high privileges...

CVE-2023-36085

The sisqualWFM 7.1.319.103 thru 7.1.319.111 for Android, has a host header injection vulnerability in its "/sisqualIdentityServer/core/" endpoint. By modifying the HTTP Host header, an attacker can change webpage links and even redirect users to arbitrary or malicious locations. This can lead to...