5 matches found
CVE-2026-24138
FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Versions 1.5.10.1754 and below contain an unauthenticated SSRF vulnerability in getversion.php which can be triggered by providing a user-controlled url parameter. It can be used to fetch both internal websites an...
CVE-2026-24138 FOG vulnerable to unauthenticated SSRF via `/fog/service/getversion.php`
FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Versions 1.5.10.1754 and below contain an unauthenticated SSRF vulnerability in getversion.php which can be triggered by providing a user-controlled url parameter. It can be used to fetch both internal websites an...
EUVD-2023-50472
Malicious code in bioql PyPI...
CVE-2024-34477
configureNFS in lib/common/functions.sh in FOG through 1.5.10 allows local users to gain privileges by mounting a crafted NFS share because of norootsquash and insecure. In order to exploit the vulnerability, someone needs to mount an NFS share in order to add an executable file as root. In...
CVE-2024-34477
configureNFS in lib/common/functions.sh in FOG through 1.5.10 allows local users to gain privileges by mounting a crafted NFS share because of norootsquash and insecure. In order to exploit the vulnerability, someone needs to mount an NFS share in order to add an executable file as root. In...