2 matches found
Zucchetti Ad Hoc Infinity 安全漏洞
Zucchetti Ad Hoc Infinity is an ERP software from Zucchetti. A security vulnerability exists in Zucchetti Ad Hoc Infinity version 2.4 that stems from improper checking of the mcURL parameter, which could result in a victim being redirected to an attacker-controlled website...
rhev: vds_installer is prone to MITM when downloading 2nd stage installer
The vdsinstaller in Red Hat Enterprise Virtualization Manager RHEV-M before 3.1, when adding a host, uses the -k curl parameter when downloading deployUtil.py and vdsbootstrap.py, which prevents SSL certificates from being validated and allows remote attackers to execute arbitrary Python code via...