28 matches found
TYPO3 访问控制错误漏洞
TYPO3 is a free and open source content management system framework CMS/CMF from the TYPO3 Association in Switzerland. A security vulnerability exists in TYPO3 version 5.5.3, version 6.x up to and including version 6.3.4, and version 7.x up to and including version 7.1.0, which stems from a lack ...
PT-2022-19603 · WordPress · Wordpress Infinite Scroll – Ajax Load More
Name of the Vulnerable Software and Affected Versions: WordPress Infinite Scroll – Ajax Load More plugin versions up to, and including, 5.5.3 Description: The issue allows authenticated attackers with administrative privileges to download arbitrary files hosted on the server due to insufficient...
CVE-2020-4447
IBM FileNet Content Manager 5.5.3 and 5.5.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 1812...
WPJobBoard Cross-Site Scripting Vulnerability
WPJobBoard is a WordPress job board plugin. A persistent cross-site scripting vulnerability exists in WPJobBoard 5.5.3. The vulnerability can be exploited to execute malicious code via the "Add Job" form...
Arbitrary File Upload Vulnerability in CLTPHP Version 5.5.3
CLTPHP is a content management system based on ThinkPHP5 development with Layui framework in the backend. CLTPHP version 5.5.3 suffers from an arbitrary file upload vulnerability, which allows an attacker to directly upload malicious scripts without any privileges and control the web server...
SQL Injection Vulnerability in Daimi CMS v5.5.3
DAMI CMS is a free open source, fast, simple PC station and cell phone station integration integration system, is committed to providing users with simple, fast PC station and smart phone station solutions. A SQL injection vulnerability exists in the version V5.5.32017-04-15 of DAMI CMS, which ca...
strongSwan ASN.1 Parser Denial of Service Vulnerability
strongSwan is an open source IPsec-based VPN solution for Linux platforms maintained by Andreas Steffen, a Swiss software developer. The solution includes authentication mechanisms such as X.509 public key certificates, secure storage of private keys, smart cards, etc. The ASN.1 parser is a tool...
2021-10 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server, version 20H2 for x64 (KB5005539)
2021-10 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server, version 20H2 for x64 KB5005539...