CVE-2024-24572

facileManager is a modular suite of web apps built with the sysadmin in mind. In versions 4.5.0 and earlier, the $REQUEST global array was unsafely called inside an extract function in admin-logs.php. The PHP file fm-init.php prevents arbitrary manipulation of $SESSION via the GET/POST parameters...

SUSE CVE-2020-27218

In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that ...