24 matches found
Important: containerd
Issue Overview: url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which t...
WordPress plugin Zota Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security...
Moodle Security Breach
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. A security vulnerability exists in Moodle that stems from an attacker being able to perform a local file inclusion attack in a share...
Trend Micro Apex Central Local File Inclusion Vulnerability
Trend Micro Apex Central is a Web-based product console from Trend Micro. A local file inclusion vulnerability exists in Trend Micro Apex Central, which can be exploited by an attacker to execute arbitrary code in the system context by submitting a special request...
File Inclusion Vulnerability in Tian Yue Network Security Audit System of Qixing Information Technology Group Co.
Providence Peak Network Security Audit System is a compliance management system for fine-grained auditing of network operation behaviors in business environments. A file inclusion vulnerability exists in the Tianyue Network Security Audit System of Qixing Information Technology Group Company...
Shanghai Zhuozhuo Network Technology Co., Ltd. DedeCMS file inclusion vulnerability
DedeCMS is a PHP open source website management system. Shanghai Zhuozhuo Network Technology Co., Ltd DedeCMS has a file inclusion vulnerability that can be exploited by attackers to execute commands...
Shanghai Zhuozhuo Network Technology Co., Ltd. DedeCMS file inclusion vulnerability
DedeCMS is a PHP open source website management system. Shanghai Zhuozhuo Network Technology Co., Ltd DedeCMS has a file inclusion vulnerability that can be exploited by attackers to execute commands...
File Inclusion Vulnerability in Qibo CMS System
Qibo CMS whole station system is a domestic open source CMS system, including articles, pictures, downloads, shopping malls, built-in features, orders, exams and other modules. Qibo CMS system has a file inclusion vulnerability that can be exploited by attackers to obtain server control...
File Inclusion Vulnerability in Medical Virtual Simulation Teaching Experiment Platform of Shanghai Dream Road Digital Technology Co.
Shanghai Dream Road Digital Technology Co., Ltd. has more than 10 years of experience in the research and development of medical virtual simulation teaching software and medical big data mining software, from a technology research and development and product...
SAP BusinessObjects Business Intelligence Platform Cross-Site Request Forgery Vulnerability
SAP BusinessObjects Business Intelligence Platform is a suite of business intelligence software and enterprise performance solutions from SAP. The product has report generation, analysis, data visualization and other functions. A cross-site request forgery vulnerability exists in SAP...
File Inclusion Vulnerability in MetInfo v5.0.4 of Changsha Mito Information Technology Co.
Mito enterprise building system MetInfo is a free and open source enterprise CMS. Changsha Mito Information Technology Co., Ltd MetInfo v5.0.4 has a file inclusion vulnerability that can be exploited by attackers to view sensitive server files...
File Inclusion Vulnerability in DM Building System (CNVD-2020-40756)
DM enterprise building system is an open source CMS developed with PHP + MySQL, specialized in website construction for small and medium-sized enterprises. The DM website builder system has a file inclusion vulnerability; attackers can exploit the vulnerability to obtain server privileges...
File Inclusion Vulnerability in Cloud EC B2C Self-Hosted Version
Cloud EC e-commerce system (hereinafter referred to as Cloud EC) is a PHP + MySQL-based open source e-commerce system developed independently by Cloud MYSQL e-commerce Co. A file inclusion vulnerability exists in the Cloud EC B2C self-supporting version; attackers can use the...
File Inclusion Vulnerability in the Backend of the Most Earth Group Buying System
The most earth group-buying system is the most professional and powerful GroupOn mode of free open source group-buying system platform. The most earth group purchase system backend has a file inclusion vulnerability that can be exploited by attackers to obtain server information...
EulerOS Virtualization 3.0.1.0 : cvs (EulerOS-SA-2019-1455)
According to the version of the cvs package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability: - Array index error in the applyrcschange function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containin...
Aike cms backstage file inclusion vulnerability
Acme CMS is a full-featured CMS building system with a PHP + MySQL architecture, multi-language support and responsive display, suitable for personal website construction. The Acme CMS backend has a file inclusion vulnerability; attackers can use the vulnerability to download system files, to obtain sensitive informatio...
Partner Perspectives: Accelerated Alert Handling from Syncurity and Carbon Black
JP Bourget is the Founder and CSO of Syncurity. One of the key Security Orchestration, Automation and Response (SOAR) use cases I see every day is alert handling. As more and more organizations adopt EDR solutions, like those offered by Carbon Black, Syncurity IR-Flow is able to speed up the alert...
Sera 1.2 - Local Privilege Escalation Password Disclosure
Sera is a free app for Mac and iOS that lets you unlock your Mac automatically when your iPhone is within a configured proximity. Unfortunately, to facilitate this it stores the user's login password in their home directory at:...
File Inclusion Vulnerability in iWebShop Open Source Mall System
iWebShop is an open source web e-commerce site-building system (a B2B2C platform for self-operated stores plus resident merchants) developed on the PHP language and a MySQL database, designed using the MVC architecture and the design ideas of the Yii framework. iWebShop open source mall syste...
Arbitrary File Upload Vulnerability in SignName Parameter of Tibco Call Center System
The core of Tibco's call center system is a communication-based system for internal and external corporate communication. An arbitrary file upload vulnerability exists in the signName parameter of the Tibus Communication Call Center System. 1 File upload: /sysmaint/import/import.php, save...