13 matches found
CVE-2024-34555
Unrestricted Upload of File with Dangerous Type vulnerability in URBAN BASE Z-Downloads.This issue affects Z-Downloads: from n/a through 1.11.3...
CVE-2020-25048
An issue was discovered on Samsung mobile devices with Q10.0 with ONEUI 2.1 software. In the Lockscreen state, the Quick Share feature allows unauthenticated downloads, aka file injection. The Samsung ID is SVE-2020-17760 August 2020...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation in Downloads in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to obfuscate security UI through a malicious file. Chromium security severity: Medium...
Prestashop 路径遍历漏洞
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides a variety of payment methods, short message alerts and product image scaling and other features. Prestashop 1.7.20 and previous versions of the existence of path traversal...
VulnCheck KEV: CVE-2020-24949
Privilege escalation in PHP-Fusion 9.03.50 downloads/downloads.php allows an authenticated user not admin to send a crafted request to the server and perform remote command execution RCE...
Malicious Package in m-backdoor
All versions of m-backdoor contain malicious code. The package downloads a file from a remote server and executes it as a preinstall script. At the time of the release of this advisory the downloaded file only defaces websites by removing elements randomly from the DOM. Recommendation Remove the...
CVE-2020-24949
Privilege escalation in PHP-Fusion 9.03.50 downloads/downloads.php allows an authenticated user not admin to send a crafted request to the server and perform remote command execution RCE...
Malicious Package
next-util is a malicious package. The package uploads system information to a remote server, downloads a file and executes it...
Malicious Package
midway-dataproxy is a malicious package. The package uploads system information to a remote server, downloads a file and executes it...
Malicious Package
cicada-render is a malicious package. The package uploads system information to a remote server, downloads a file and executes it...
Malicious Package
hsf-clients is a malicious package. The package uploads system information to a remote server, downloads a file and executes it...
Malicious Package
tiar is a malicious package. The package uploads system information to a remote server, downloads a file and executes it...
Malicious Package
secureidentityloginmodule is a malicious package. The package uploads system information to a remote server, downloads a file and executes it...