MiniGal Nano 路径遍历漏洞

MiniGal Nano is a PHP album program developed by Rybber’s individual developer. Versions of MiniGal Nano prior to 0.3.5 had a path traversal vulnerability. This vulnerability stemmed from an issue with the dir parameter in the index.php file, which allowed for path traversal attacks. This could...

EUVD-2021-23004

Malware in sbrugna...

CVE-2021-36389

In Yellowfin before 9.6.1 it is possible to enumerate and download uploaded images through an Insecure Direct Object Reference vulnerability exploitable by sending a specially crafted HTTP GET request to the page "MIImage.i4"...

Yellowfin insecure direct object reference vulnerability

An insecure direct object reference vulnerability exists in versions of Yellowfin prior to 9.6.1, a business intelligence automated analytics, cross-vendor narrative and collaboration software suite. An attacker could exploit the vulnerability by sending a specially crafted HTTP GET request to th...

CVE-2021-36389

In Yellowfin before 9.6.1 it is possible to enumerate and download uploaded images through an Insecure Direct Object Reference vulnerability exploitable by sending a specially crafted HTTP GET request to the page "MIImage.i4"...

CVE-2021-36389

In Yellowfin before 9.6.1 it is possible to enumerate and download uploaded images through an Insecure Direct Object Reference vulnerability exploitable by sending a specially crafted HTTP GET request to the page "MIImage.i4"...