3 matches found
CVE-2026-7411
In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, inadequate path normalization in the Submodel HTTP API allows an unauthenticated remote attacker to perform a path traversal attack. By supplying a maliciously crafted fileName parameter during a file upload operation, an...
Zenitel TCIS-3+ 安全漏洞
Zenitel TCIS-3+ is an IP intercom terminal produced by the Norwegian company Zenitel. There is a security vulnerability in Zenitel TCIS-3+, which allows authenticated attackers to execute arbitrary commands on the underlying system using the file names uploaded by them...
OpenText Documentum D2 Webtop Cross-Site Scripting Vulnerability (CNVD-2018-07985)
OpenText Documentum D2 Webtop is a set of enterprise-class content management system from OpenText Canada. The system manages the entire information lifecycle through the creation, modification, tracking and other functions, which includes a number of extensions, such as Documentum Web Publisher...