52 matches found
EUVD-2017-2783
Malware in sbrugna...
EUVD-2021-21455
Malware in sbrugna...
EUVD-2020-6317
Malware in sbrugna...
EUVD-2022-32123
Malicious code in bioql PyPI...
WordPress plugin B Slider 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. The WordPress B Slider plugin suffers from a server-side request forgery vulnerability that stems from the fsapirequest function not implementing an adequate validation mechanis...
Apache OFBiz code issue vulnerability (CNVD-2024-46271)
Apache OFBiz is the United States Apache Apache Foundation of a set of enterprise resource planning ERP system. The system provides a set of Java-based Web application components and tools. A security vulnerability exists in Apache OFBiz that stems from the product's failure to properly validate...
Apache OFBiz 代码问题漏洞
Apache OFBiz is the United States Apache Apache Foundation of a set of enterprise resource planning ERP system. The system provides a set of Java-based Web application components and tools. A security vulnerability exists in Apache OFBiz that stems from the product's failure to properly validate...
CVE-2024-39347
Incorrect default permissions vulnerability in firewall functionality in Synology Router Manager SRM before 1.2.5-8227-11 and 1.3.1-9346-8 allows man-in-the-middle attackers to access highly sensitive intranet resources via unspecified vectors...
CVE-2024-39347
CVE-2024-39347 concerns Synology Router Manager (SRM) firewall: incorrect default permissions in SRM’s firewall functionality allow attackers to access highly sensitive intranet resources. Affected releases include SRM before 1.2.5-8227-11 and before 1.3.1-9346-8. Public sources describe the flaw...
CVE-2024-39347
Incorrect default permissions vulnerability in firewall functionality in Synology Router Manager SRM before 1.2.5-8227-11 and 1.3.1-9346-8 allows man-in-the-middle attackers to access highly sensitive intranet resources via unspecified vectors...
MyBB Server Request Forgery Vulnerability
MyBB MyBulletinBoard is a free and web-based forum software developed by MYBB team using PHP and MySQL. The software is characterized by its simplicity, multi-language support and extensibility. A server request forgery vulnerability exists in MyBB versions prior to 1.8.38, which stems from the...
Synology Router Manager (SRM) 1.2.x < 1.2.5-8227-11, 1.3.x < 1.3.1-9346-8 Multiple Vulnerabilities (Synology-SA-23:16) - Remote Known Vulnerable Versions Check
Synology Router Manager SRM is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
SuiteCRM Server-Side Request Forgery Vulnerability
SuiteCRM is a customer relationship management system from the SuiteCRM team. SuiteCRM suffers from a server-side request forgery vulnerability that stems from the product's failure to properly validate user input, which can be exploited by an attacker to probe server intranet resources...
SuiteCRM 安全漏洞
SuiteCRM is a customer relationship management system from the SuiteCRM team. SuiteCRM suffers from a server-side request forgery vulnerability that stems from the product's failure to properly validate user input, which can be exploited by an attacker to probe server intranet resources...
Apache Superset Cross-Site Request Forgery Vulnerability
A cross-site request forgery vulnerability exists in Apache Superset, a data visualization and data exploration platform from the Apache Foundation. The vulnerability stems from the failure of two legacy REST APIs for granting and requesting access to properly validate user input, which could be...
Apache Superset 跨站请求伪造漏洞
A cross-site request forgery vulnerability exists in Apache Superset, a data visualization and data exploration platform from the Apache Foundation. The vulnerability stems from the failure of two legacy REST APIs for granting and requesting access to properly validate user input, which could be...
CVE-2022-27622
Server-Side Request Forgery SSRF vulnerability in Package Center functionality in Synology DiskStation Manager DSM before 7.1-42661 allows remote authenticated users to access intranet resources via unspecified vectors...
Server side request forgery (ssrf)
Server-Side Request Forgery SSRF vulnerability in Package Center functionality in Synology DiskStation Manager DSM before 7.1-42661 allows remote authenticated users to access intranet resources via unspecified vectors...
CVE-2022-27622
Server-Side Request Forgery SSRF vulnerability in Package Center functionality in Synology DiskStation Manager DSM before 7.1-42661 allows remote authenticated users to access intranet resources via unspecified vectors...
PT-2022-18528 · Synology · Synology Diskstation Manager
Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM versions prior to 7.1-42661 Description: A Server-Side Request Forgery SSRF issue in the Package Center functionality allows remote authenticated users to access intranet resources via unspecified vectors. Thi...