5 matches found
CVE-2025-0473
Vulnerability in the PMB platform that allows an attacker to persist temporary files on the server, affecting versions 4.0.10 and above. This vulnerability exists in the file upload functionality on the ‘/pmb/authorities/import/iimportauthorities’ endpoint. When a file is uploaded via this...
PHOENIX CONTACTs WP 6xxx series web panels Security Vulnerability
PHOENIX CONTACTs WP 6xxx series web panels are a series of web panels from PHOENIX CONTACTs, Germany. A security vulnerability exists in PHOENIX CONTACT WP 6xxx series versions prior to 4.0.10, which originates in the web panels, where a remote attacker with low privileges can gain limited read...
SUSE CVE-2013-3525
SQL injection vulnerability in Approvals/ in Request Tracker RT 4.0.10 and earlier allows remote attackers to execute arbitrary SQL commands via the ShowPending parameter. NOTE: the vendor disputes this issue, stating "We were unable to replicate it, and the individual that reported it retracted...
redis: Heap corruption in lua_cmsgpack.c
Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows...
UBUNTU-CVE-2016-4553
clientside.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks via an HTTP request...