5 matches found
paicoding 代码问题漏洞
Paicoding is an open-source community system developed by ITWanger’s individual developers. Versions 1.0.0, 1.0.1, 1.0.2, and 1.0.3 of Paicoding contain code vulnerabilities. These vulnerabilities stem from incorrect handling of the img parameter in the function Save within the component Image Sa...
Code-Projects Online Note Sharing 代码问题漏洞
Code-Projects Online Note Sharing is an online note sharing software from Code-Projects open source. A code issue vulnerability exists in Code-Projects Online Note Sharing version 1.0, which stems from improper handling of the parameter image in the file /dashboard/userprofile.php, which could le...
Arbitrary File Upload
Synapse is vulnerable to Arbitrary File Upload. The vulnerability is due to improper handling of uncommon image formats during thumbnail generation, which could invoke external tools like Ghostscript, increasing the risk of exploitation...
Input validation
Due to improper handling of uploaded images it is possible in very unlikely and rare conditions to force the agents browser to execute malicious javascript from a special crafted SVG file rendered as inline jpg file. This issue affects: OTRS Community Edition 5.0.x version 5.0.39 and prior...
CVE-2020-1766
Due to improper handling of uploaded images it is possible in very unlikely and rare conditions to force the agents browser to execute malicious javascript from a special crafted SVG file rendered as inline jpg file. This issue affects: OTRS Community Edition 5.0.x version 5.0.39 and prior...