12 matches found
Concrete CMS 跨站请求伪造漏洞
Concrete CMS is an open-source content management system designed for teams. Versions of Concrete CMS prior to 9.5.0 had a cross-site request forgeing vulnerability. This vulnerability stems from the function concrete/controllers/backend/file addFavoriteFolder$id, which is vulnerable to cross-sit...
EUVD-2021-12360
Malware in sbrugna...
EUVD-2016-10020
Malware in sbrugna...
EUVD-2023-39843
Malicious code in bioql PyPI...
PT-2024-35432
Name of the Vulnerable Software and Affected Versions DedeBIZ version 6.3.0 Description The issue is related to an arbitrary file deletion vulnerability. It can be exploited via the /admin/file manage view component. Recommendations For DedeBIZ version 6.3.0, consider restricting access to the...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an improperly managed proc file, which could lead to a resource leak...
CVE-2022-45966
here is an arbitrary file upload vulnerability in the file management function module of Classcms3.5...
CVE-2019-5211
The CVE-2019-5211 issue affects Huawei P20 devices with Huawei Share prior to Emily-L29C 9.1.0.311, caused by improper file management during file transfers. The vulnerability could allow an attacker to cause deletion of files on the victim’s device after tricking the user into certain operations...
DedeCMS Arbitrary File Write Vulnerability
Desdev DedeCMS Dream Weaving Content Management System is China's Zhuozhuo network Desdev Technology Co., Ltd. of a set of open-source set of content publishing, editing, management and retrieval of PHP Web site content management system CMS. A security vulnerability exists in the file...
Code execution vulnerability in HAIRUICMS v2.1.4 /FileManage/fsoedit.asp file
HAIRUICMS HAIRUICMS is developed by HAIRUICMS based on Microsoft ASP and general ACCESS/MSSQL database. HAIRUICMS v2.1.4 /FileManage/fsoedit.asp file has a code execution vulnerability. An attacker can exploit the vulnerability to directly edit scripts to write Trojan horses and obtain a webshell...
PHPfileNavigator 2.3.3 Privilege Escalation
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-PHPFILENAVIGATOR0812b.txt Vendor: ========================= pfn.sourceforge.net Product: ===================================================== PHPfileNavigator v2.3.3 pfn...
jDisk (stickto) v2.0.3 iOS - Multiple Web Vulnerabilities
Document Title: =============== jDisk stickto v2.0.3 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1196 Release Date: ============= 2014-02-11 Vulnerability Laboratory ID VL-ID: ==================================== 11...