9 matches found
CVE-2026-26074
EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to possible std::map corruption. The trigger is CSMS GetLog/UpdateFirmware request network with an EVSE fault event physical. This results in TSAN reports concurrent access data race to eventqueue...
CVE-2026-26074
EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to possible std::map corruption. The trigger is CSMS GetLog/UpdateFirmware request network with an EVSE fault event physical. This results in TSAN reports concurrent access data race to eventqueue...
EUVD-2026-16218
EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to possible std::map corruption. The trigger is CSMS GetLog/UpdateFirmware request network with an EVSE fault event physical. This results in TSAN reports concurrent access data race to eventqueue...
CVE-2026-26074
EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to possible std::map corruption. The trigger is CSMS GetLog/UpdateFirmware request network with an EVSE fault event physical. This results in TSAN reports concurrent access data race to eventqueue...
EUVD-2011-5121
Malware in sbrugna...
PT-2023-10814 · Unknown · Newcomer1989 Tsn-Ranksystem
Name of the Vulnerable Software and Affected Versions: Newcomer1989 TSN-Ranksystem versions up to 1.2.6 Description: A vulnerability has been found in Newcomer1989 TSN-Ranksystem, affecting the getlog function of the file webinterface/bot.php. The manipulation leads to cross-site scripting. The...
TurboMail邮件系统任意文件读取漏洞(需管理权限)
简要描述: TurboMail邮件系统处理日志文件时未对文件路径进行判断,导致可读取服务器上的任意文件。 详细说明: 邮件后台管理进行“WEB日志查看”时存在任意文件读取漏洞。 漏洞代码位于TomcatLogAjax.class,其中getLog函数读取web服务器日志文件的源代码实现如下: publicstatic void getLogHttpServletRequest request, HttpServletResponse response throws ServletException, IOException MailSession ms =...
CVE-2011-5221
Cross-site scripting XSS vulnerability in the getLog function in svnlook.php in WebSVN before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via the path parameter to 1 comp.php, 2 diff.php, or 3 revision.php...
WebSVN 'path' 参数跨站脚本漏洞
Bugtraq ID: 51109 WebSVN是一个基于Web的Subversion Repository浏览器。 通过"path"参数传递给comp.php或revision.php脚本的输入在返回用户之前svnlook.php脚本中的"getLog"函数对此缺少过滤,可被利用进行跨站脚本攻击。 构建恶意URL,诱使用户解析,可获得敏感信息或劫持用户会话 0 WebSVN 2.3.2 WebSVN 2.1 WebSVN 2.0rc4 WebSVN 2.0 WebSVN 1.7 WebSVN 1.0 厂商解决方案 WebSVN 2.3.1及之后版本已经修复此漏洞,建议用户下载使用:...