Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 5.4.13, which stems from the download impor...

CVE-2025-11344

A vulnerability was detected in ILIAS up to 8.23/9.13/10.1. Affected by this vulnerability is an unknown functionality of the component Certificate Import Handler. The manipulation results in Remote Code Execution. The attack may be performed from remote. Upgrading to version 8.24, 9.14 and 10.2...

CVE-2025-11344

A vulnerability was detected in ILIAS up to 8.23/9.13/10.1. Affected by this vulnerability is an unknown functionality of the component Certificate Import Handler. The manipulation results in Remote Code Execution. The attack may be performed from remote. Upgrading to version 8.24, 9.14 and 10.2...

CVE-2025-11344

A vulnerability was detected in ILIAS up to 8.23/9.13/10.1. Affected by this vulnerability is an unknown functionality of the component Certificate Import Handler. The manipulation results in Remote Code Execution. The attack may be performed from remote. Upgrading to version 8.24, 9.14 and 10.2...

CVE-2025-11344

CVE-2025-11344 affects the ILIAS open-source learning platform in versions up to 8.23, 9.13, and 10.1. The vulnerability involves an unknown function within the Certificate Import Handler that can be manipulated to achieve Remote Code Execution . Exploitation may be possible remotely. A fix is pu...

PT-2025-40941

Name of the Vulnerable Software and Affected Versions ILIAS versions 8.23, 9.13, and 10.1 Description A flaw exists in ILIAS related to the Certificate Import Handler component. This issue allows for Remote Code Execution, potentially triggered remotely. Recommendations Upgrade to version 8.24...

WordPress plugin Zakra 安全漏洞

WordPress Zakra is a WordPress theme known for its power, compatibility and lightweight design, suitable for creating personal blogs, business websites, WooCommerce stores and more. WordPress Zakra suffers from an unauthorized modification vulnerability that stems from a missing...

CVE-2024-1253

A vulnerability, which was classified as critical, has been found in Byzoro Smart S40 Management Platform up to 20240126. Affected by this issue is some unknown functionality of the file /useratte/web.php of the component Import Handler. The manipulation of the argument fileupload leads to...

TablePress Plugin vulnerable to Cross-site Scripting

A cross-site scripting vulnerability was found in an unknown function of the component Table Import Handler. The manipulation of the argument Import data leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used...

GHSA-9MF2-HPJ4-RW3R TablePress Plugin vulnerable to Cross-site Scripting

A cross-site scripting vulnerability was found in an unknown function of the component Table Import Handler. The manipulation of the argument Import data leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used...

PT-2022-24120 · WordPress · Tablepress

Name of the Vulnerable Software and Affected Versions: TablePress Plugin affected versions not specified Description: A cross-site scripting issue was found in the Table Import Handler component. The manipulation of the Import data argument leads to cross-site scripting. It is possible to launch...

PT-2021-24132 · Apache · Apache Solr

Name of the Vulnerable Software and Affected Versions: Apache Solr versions prior to 8.11.1 Description: An Improper Input Validation vulnerability in DataImportHandler of Apache Solr allows an attacker to provide a Windows UNC path, resulting in an SMB network call being made from the Solr host ...

VulnCheck KEV: CVE-2019-0193

The optional Apache Solr module DataImportHandler contains a code injection vulnerability...

DEBIAN-CVE-2019-0193

In Apache Solr, the DataImportHandler, an optional but popular module to pull in data from databases and other sources, has a feature in which the whole DIH configuration can come from a request's "dataConfig" parameter. The debug mode of the DIH admin screen uses this to allow convenient debuggi...

DEBIAN-CVE-2018-1308

This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 relates to an XML external entity expansion XXE in the &dataConfig= parameter of Solr's DataImportHandler. It can be used as XXE using file/ftp/http protocols in order to read arbitrary local files from the Solr server or the...